Edit tour

Windows Analysis Report
FACTURAMAIL.html

Overview

General Information

Sample name:	FACTURAMAIL.html
Analysis ID:	1585490
MD5:	97bf8733d8d0f3122b7780a8fdc1c2d7
SHA1:	a940b99f353ed649d05b72e169253d1497ddc25a
SHA256:	de285b9f73391d5476dbe764acdd14be8a95df42d16a26df8e7299c785d0e234
Tags:	htmluser-cocaman
Infos:

Detection

Score:	48
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Antivirus detection for URL or domain

Detected suspicious crossdomain redirect

IP address seen in connection with other malware

Classification

Process Tree

System is w10x64

chrome.exe (PID: 5064 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "C:\Users\user\Desktop\FACTURAMAIL.html" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 1344 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2504 --field-trial-handle=2452,i,15626069555175350645,14308672974480605932,262144 /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 1364 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5724 --field-trial-handle=2452,i,15626069555175350645,14308672974480605932,262144 /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 1020 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3232 --field-trial-handle=2452,i,15626069555175350645,14308672974480605932,262144 /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

HTTP traffic detected: POST /gen_204?s=webhp&t=cap&atyp=csi&ei=-F19Z6PLDqaV9u8Pra276A8&rt=wsrt.4402,cbt.91,hst.49&opi=89978449&dt=&ts=300 HTTP/1.1Host: www.google.comConnection: keep-aliveContent-Length: 0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"Content-Type: text/plain;charset=UTF-8sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-prefers-color-scheme: lightsec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.google.comX-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiUocsBCJz+zAEIhaDNAQjcvc0BCJDKzQEIucrNAQii0c0BCIrTzQEIntbNAQin2M0BCPnA1BUY9snNARi60s0BGOuNpRc=Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://www.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AEC=AZ6Zc-V3NDzY5GD-odoGC5HMfGXBe0BBilPReFewzLkpj5KY7t6I9Lcw0w; NID=520=dR0wKL5p6kLfAaRxqSJg0ZivkU7sgFycU7YRbaVrEsU6oGOCya0-3V2yRIiDcMcv2cVU78_-N-VbE8w_k4-eXmeIFKXUFsBQw70fjY4zx8waVpper0QPRWWXBV0SK9TRPbs-ftc-aeTmAb1QP-nr1-IcN30Mbz6z0UF1g49fa08RmFbe6GRQn7k9ZEYDpUPtq4NN8FsC

Source: chromecache_398.2.dr, chromecache_404.2.dr	String found in binary or memory: http://csi.gstatic.com/csi
Source: chromecache_401.2.dr, chromecache_414.2.dr	String found in binary or memory: http://hammerjs.github.io/
Source: chromecache_364.2.dr, chromecache_379.2.dr	String found in binary or memory: http://localhost.corp.google.com/inapp/
Source: chromecache_364.2.dr, chromecache_379.2.dr	String found in binary or memory: http://localhost.proxy.googlers.com/inapp/
Source: chromecache_297.2.dr	String found in binary or memory: http://schema.org/WebPage
Source: chromecache_311.2.dr, chromecache_396.2.dr, chromecache_326.2.dr, chromecache_245.2.dr	String found in binary or memory: http://tools.ietf.org/html/rfc1950
Source: chromecache_384.2.dr, chromecache_282.2.dr, chromecache_380.2.dr, chromecache_273.2.dr	String found in binary or memory: http://www.broofa.com
Source: chromecache_326.2.dr	String found in binary or memory: http://www.youtube.com/videoplayback
Source: chromecache_396.2.dr, chromecache_326.2.dr	String found in binary or memory: http://youtube.com/drm/2012/10/10
Source: chromecache_396.2.dr, chromecache_326.2.dr	String found in binary or memory: http://youtube.com/streaming/metadata/segment/102015
Source: chromecache_396.2.dr, chromecache_326.2.dr	String found in binary or memory: http://youtube.com/streaming/otf/durations/112015
Source: chromecache_396.2.dr, chromecache_326.2.dr	String found in binary or memory: http://youtube.com/yt/2012/10/10
Source: chromecache_295.2.dr, chromecache_301.2.dr	String found in binary or memory: https://abc.xyz/investor/?utm_source=about&utm_medium=referral&utm_campaign=footer-link
Source: chromecache_301.2.dr	String found in binary or memory: https://about.google/intl/ALL_us/
Source: chromecache_398.2.dr, chromecache_404.2.dr	String found in binary or memory: https://accounts.google.com/gsi/ottoken
Source: chromecache_404.2.dr	String found in binary or memory: https://accounts.google.com/o/fedcm/config.json
Source: chromecache_404.2.dr, chromecache_339.2.dr	String found in binary or memory: https://accounts.google.com/o/oauth2/auth
Source: chromecache_404.2.dr, chromecache_339.2.dr	String found in binary or memory: https://accounts.google.com/o/oauth2/iframe
Source: chromecache_319.2.dr, chromecache_402.2.dr, chromecache_398.2.dr, chromecache_408.2.dr, chromecache_235.2.dr, chromecache_320.2.dr, chromecache_365.2.dr, chromecache_418.2.dr, chromecache_404.2.dr, chromecache_339.2.dr	String found in binary or memory: https://accounts.google.com/o/oauth2/postmessageRelay
Source: chromecache_394.2.dr	String found in binary or memory: https://accounts.google.com/signin/v2/identifier%3Fec%3Dfutura_hpp_co_si_001_p%26continue%3Dhttps%25
Source: chromecache_396.2.dr, chromecache_326.2.dr	String found in binary or memory: https://admin.youtube.com
Source: chromecache_295.2.dr, chromecache_301.2.dr	String found in binary or memory: https://ads.google.com/home/?utm_source=about&utm_medium=referral&utm_campaign=footer-link
Source: chromecache_237.2.dr	String found in binary or memory: https://adservice.google.com/pagead/regclk?
Source: chromecache_301.2.dr	String found in binary or memory: https://ai.google/responsibility/principles/#:~:text=updates%20on%20our%20ai%20principles%3A
Source: chromecache_295.2.dr, chromecache_301.2.dr	String found in binary or memory: https://ajax.googleapis.com/ajax/libs/hammerjs/2.0.8/hammer.min.js
Source: chromecache_397.2.dr, chromecache_307.2.dr	String found in binary or memory: https://ampcid.google.com/v1/publisher:getClientId
Source: chromecache_396.2.dr, chromecache_326.2.dr	String found in binary or memory: https://angular.dev/license
Source: chromecache_339.2.dr	String found in binary or memory: https://apis.google.com
Source: chromecache_290.2.dr, chromecache_336.2.dr	String found in binary or memory: https://apis.google.com/js/api.js
Source: chromecache_339.2.dr, chromecache_379.2.dr	String found in binary or memory: https://apis.google.com/js/client.js
Source: chromecache_320.2.dr	String found in binary or memory: https://apis.google.com/js/googleapis.proxy.js
Source: chromecache_267.2.dr	String found in binary or memory: https://apis.google.com/js/googleapis.proxy.js?onload=startup
Source: FACTURAMAIL.html	String found in binary or memory: https://archivofdb.online
Source: FACTURAMAIL.html	String found in binary or memory: https://archivofdb.online&historyHash=
Source: chromecache_364.2.dr, chromecache_379.2.dr	String found in binary or memory: https://asx-frontend-autopush.corp.google.co.uk/inapp/
Source: chromecache_364.2.dr, chromecache_379.2.dr	String found in binary or memory: https://asx-frontend-autopush.corp.google.co.uk/tools/feedback/
Source: chromecache_364.2.dr, chromecache_379.2.dr	String found in binary or memory: https://asx-frontend-autopush.corp.google.com/inapp/
Source: chromecache_364.2.dr, chromecache_379.2.dr	String found in binary or memory: https://asx-frontend-autopush.corp.google.com/tools/feedback/
Source: chromecache_364.2.dr, chromecache_379.2.dr	String found in binary or memory: https://asx-frontend-autopush.corp.google.de/inapp/
Source: chromecache_364.2.dr, chromecache_379.2.dr	String found in binary or memory: https://asx-frontend-autopush.corp.google.de/tools/feedback/
Source: chromecache_364.2.dr, chromecache_379.2.dr	String found in binary or memory: https://asx-frontend-autopush.corp.youtube.com/inapp/
Source: chromecache_364.2.dr, chromecache_379.2.dr	String found in binary or memory: https://asx-frontend-autopush.corp.youtube.com/tools/feedback/
Source: chromecache_379.2.dr	String found in binary or memory: https://asx-frontend-staging.corp.google.com/inapp/
Source: chromecache_379.2.dr	String found in binary or memory: https://asx-frontend-staging.corp.google.com/tools/feedback/
Source: chromecache_364.2.dr, chromecache_379.2.dr	String found in binary or memory: https://asx-help-frontend-autopush.corp.youtube.com/inapp/
Source: chromecache_364.2.dr, chromecache_379.2.dr	String found in binary or memory: https://asx-help-frontend-autopush.corp.youtube.com/tools/feedback/
Source: chromecache_301.2.dr	String found in binary or memory: https://blog.google
Source: chromecache_259.2.dr, chromecache_371.2.dr	String found in binary or memory: https://blog.google/authors/molly-mchugh-johnson/
Source: chromecache_330.2.dr, chromecache_324.2.dr	String found in binary or memory: https://blog.google/outreach-initiatives/public-policy/
Source: chromecache_330.2.dr, chromecache_324.2.dr	String found in binary or memory: https://blog.google/outreach-initiatives/public-policy/google-remedies-proposal-dec-2024/
Source: chromecache_330.2.dr, chromecache_324.2.dr	String found in binary or memory: https://blog.google/outreach-initiatives/sustainability/
Source: chromecache_330.2.dr, chromecache_324.2.dr	String found in binary or memory: https://blog.google/outreach-initiatives/sustainability/6-unique-ways-we-advanced-energy-solutions-i
Source: chromecache_259.2.dr, chromecache_371.2.dr	String found in binary or memory: https://blog.google/products/chrome/
Source: chromecache_259.2.dr, chromecache_371.2.dr	String found in binary or memory: https://blog.google/products/chrome/chrome-autofill/
Source: chromecache_301.2.dr	String found in binary or memory: https://blog.google/products/gemini/google-gemini-ai-collection-2024
Source: chromecache_330.2.dr, chromecache_259.2.dr, chromecache_324.2.dr, chromecache_371.2.dr	String found in binary or memory: https://blog.google/products/gmail/
Source: chromecache_330.2.dr, chromecache_259.2.dr, chromecache_324.2.dr, chromecache_371.2.dr	String found in binary or memory: https://blog.google/products/gmail/gmail-holidays-2024-spam-scam/
Source: chromecache_324.2.dr, chromecache_371.2.dr	String found in binary or memory: https://blog.google/products/google-cloud/
Source: chromecache_330.2.dr, chromecache_324.2.dr	String found in binary or memory: https://blog.google/products/google-cloud/ai-trends-business-2025/
Source: chromecache_330.2.dr, chromecache_259.2.dr, chromecache_324.2.dr, chromecache_371.2.dr	String found in binary or memory: https://blog.google/products/google-cloud/gen-ai-business-use-cases/
Source: chromecache_259.2.dr, chromecache_371.2.dr	String found in binary or memory: https://blog.google/products/news/
Source: chromecache_259.2.dr, chromecache_371.2.dr	String found in binary or memory: https://blog.google/products/news/news-showcase-is-launching-in-switzerland/
Source: chromecache_259.2.dr, chromecache_371.2.dr	String found in binary or memory: https://blog.google/products/pixel/
Source: chromecache_259.2.dr, chromecache_371.2.dr	String found in binary or memory: https://blog.google/products/pixel/google-pixel-screenshots-tips/
Source: chromecache_330.2.dr, chromecache_259.2.dr, chromecache_324.2.dr, chromecache_371.2.dr	String found in binary or memory: https://blog.google/products/search/
Source: chromecache_330.2.dr, chromecache_259.2.dr, chromecache_324.2.dr, chromecache_371.2.dr	String found in binary or memory: https://blog.google/products/search/google-lens-tips-2025/
Source: chromecache_371.2.dr	String found in binary or memory: https://blog.google/technology/ai/
Source: chromecache_330.2.dr, chromecache_259.2.dr, chromecache_324.2.dr, chromecache_371.2.dr	String found in binary or memory: https://blog.google/technology/ai/google-ai-news-recap-2024/
Source: chromecache_330.2.dr, chromecache_259.2.dr, chromecache_324.2.dr, chromecache_371.2.dr	String found in binary or memory: https://blog.google/technology/ai/google-ai-updates-december-2024/
Source: chromecache_330.2.dr, chromecache_324.2.dr	String found in binary or memory: https://blog.google/technology/health/
Source: chromecache_330.2.dr, chromecache_324.2.dr	String found in binary or memory: https://blog.google/technology/health/open-health-stack-developers/
Source: chromecache_295.2.dr, chromecache_301.2.dr	String found in binary or memory: https://careers.google.com/?utm_source=about&utm_medium=referral&utm_campaign=footer-link
Source: chromecache_355.2.dr, chromecache_278.2.dr, chromecache_236.2.dr, chromecache_389.2.dr, chromecache_298.2.dr, chromecache_237.2.dr	String found in binary or memory: https://cct.google/taggy/agent.js
Source: chromecache_337.2.dr, chromecache_348.2.dr	String found in binary or memory: https://cda-push-dev.sandbox.googleapis.com/upload/
Source: chromecache_319.2.dr, chromecache_235.2.dr, chromecache_320.2.dr, chromecache_339.2.dr	String found in binary or memory: https://classroom.google.com/sharewidget?usegapi=1
Source: chromecache_319.2.dr, chromecache_235.2.dr, chromecache_320.2.dr, chromecache_339.2.dr	String found in binary or memory: https://clients3.google.com/cast/chromecast/home/widget/backdrop?usegapi=1
Source: chromecache_404.2.dr, chromecache_339.2.dr	String found in binary or memory: https://clients6.google.com
Source: chromecache_295.2.dr, chromecache_301.2.dr	String found in binary or memory: https://cloud.google.com/?utm_source=about&utm_medium=referral&utm_campaign=footer-link
Source: chromecache_398.2.dr, chromecache_404.2.dr	String found in binary or memory: https://console.developers.google.com/
Source: chromecache_348.2.dr	String found in binary or memory: https://content-push.googleapis.com/upload/
Source: chromecache_404.2.dr, chromecache_339.2.dr	String found in binary or memory: https://content.googleapis.com
Source: chromecache_295.2.dr, chromecache_301.2.dr	String found in binary or memory: https://crisisresponse.google/?utm_source=about&utm_medium=referral&utm_campaign=footer-link
Source: chromecache_295.2.dr, chromecache_301.2.dr	String found in binary or memory: https://crisisresponse.google/?utm_source=about.google&utm_medium=referral&utm_campaign=site
Source: chromecache_398.2.dr, chromecache_404.2.dr	String found in binary or memory: https://csi.gstatic.com/csi
Source: chromecache_380.2.dr, chromecache_273.2.dr	String found in binary or memory: https://csp.withgoogle.com/csp/lcreport/
Source: chromecache_319.2.dr, chromecache_235.2.dr, chromecache_320.2.dr, chromecache_339.2.dr	String found in binary or memory: https://dataconnector.corp.google.com/:session_prefix:ui/widgetview?usegapi=1
Source: FACTURAMAIL.html	String found in binary or memory: https://deref-mail.com/mail/client/blank
Source: chromecache_398.2.dr, chromecache_404.2.dr	String found in binary or memory: https://developers.google.com/
Source: chromecache_398.2.dr, chromecache_404.2.dr	String found in binary or memory: https://developers.google.com/api-client-library/javascript/reference/referencedocs
Source: chromecache_404.2.dr	String found in binary or memory: https://developers.google.com/identity/gsi/web/guides/gis-migration)
Source: chromecache_338.2.dr, chromecache_256.2.dr	String found in binary or memory: https://developers.google.com/youtube/iframe_api_reference#Events
Source: chromecache_404.2.dr	String found in binary or memory: https://developers.googleblog.com/2018/03/discontinuing-support-for-json-rpc-and.html
Source: chromecache_295.2.dr, chromecache_301.2.dr	String found in binary or memory: https://diversity.google/?utm_source=about&utm_medium=referral&utm_campaign=footer-link
Source: chromecache_396.2.dr, chromecache_326.2.dr	String found in binary or memory: https://docs.google.com/get_video_info
Source: chromecache_402.2.dr, chromecache_398.2.dr, chromecache_408.2.dr, chromecache_365.2.dr, chromecache_418.2.dr, chromecache_404.2.dr	String found in binary or memory: https://domains.google.com/suggest/flow
Source: chromecache_319.2.dr, chromecache_235.2.dr, chromecache_320.2.dr, chromecache_339.2.dr	String found in binary or memory: https://drive.google.com/savetodrivebutton?usegapi=1
Source: chromecache_295.2.dr, chromecache_301.2.dr	String found in binary or memory: https://edu.google.com?utm_source=about&utm_medium=referral&utm_campaign=footer-link
Source: chromecache_337.2.dr, chromecache_348.2.dr	String found in binary or memory: https://embeddedassistant-webchannel.googleapis.com/google.assistant.embedded.v1.EmbeddedAssistant/A
Source: chromecache_350.2.dr	String found in binary or memory: https://encrypted-tbn0.gstatic.com/images?q
Source: chromecache_319.2.dr, chromecache_235.2.dr, chromecache_320.2.dr, chromecache_339.2.dr	String found in binary or memory: https://families.google.com/webcreation?usegapi=1&usegapi=1
Source: chromecache_379.2.dr	String found in binary or memory: https://feedback-pa.clients6.google.com
Source: chromecache_364.2.dr, chromecache_379.2.dr	String found in binary or memory: https://feedback.googleusercontent.com/resources/annotator.css
Source: chromecache_364.2.dr, chromecache_379.2.dr	String found in binary or memory: https://feedback.googleusercontent.com/resources/render_frame2.html
Source: chromecache_364.2.dr, chromecache_379.2.dr	String found in binary or memory: https://feedback2-test.corp.google.com/inapp/%
Source: chromecache_364.2.dr, chromecache_379.2.dr	String found in binary or memory: https://feedback2-test.corp.google.com/tools/feedback/%
Source: chromecache_364.2.dr, chromecache_379.2.dr	String found in binary or memory: https://feedback2-test.corp.googleusercontent.com/inapp/%
Source: chromecache_364.2.dr, chromecache_379.2.dr	String found in binary or memory: https://feedback2-test.corp.googleusercontent.com/tools/feedback/%
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.google.com/license/googlerestricted
Source: chromecache_295.2.dr, chromecache_301.2.dr	String found in binary or memory: https://fonts.googleapis.com
Source: chromecache_295.2.dr, chromecache_301.2.dr	String found in binary or memory: https://fonts.gstatic.com
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesans/v62/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RP
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv39oS_a.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDvD9oS_a.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDvH9oS_a.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDvr9oS_a.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUo9-KzpRiLCAt4Unrc-xIKmCU5qE9Gh09GixI.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUo9-KzpRiLCAt4Unrc-xIKmCU5qE9Ghk9GixI.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUo9-KzpRiLCAt4Unrc-xIKmCU5qE9GiU9G.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUo9-KzpRiLCAt4Unrc-xIKmCU5qE9Gik9GixI.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUo9-KzpRiLCAt4Unrc-xIKmCU5qE9GjU9GixI.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUp9-KzpRiLCAt4Unrc-xIKmCU5oLlVnmZjtiu7.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUp9-KzpRiLCAt4Unrc-xIKmCU5oLlVnmdjtiu7.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUp9-KzpRiLCAt4Unrc-xIKmCU5oLlVnmhjtg.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUp9-KzpRiLCAt4Unrc-xIKmCU5oLlVnmtjtiu7.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUp9-KzpRiLCAt4Unrc-xIKmCU5oLlVnmxjtiu7.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUp9-KzpRiLCAt4Unrc-xIKmCU5oPFTnmZjtiu7.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUp9-KzpRiLCAt4Unrc-xIKmCU5oPFTnmdjtiu7.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUp9-KzpRiLCAt4Unrc-xIKmCU5oPFTnmhjtg.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUp9-KzpRiLCAt4Unrc-xIKmCU5oPFTnmtjtiu7.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUp9-KzpRiLCAt4Unrc-xIKmCU5oPFTnmxjtiu7.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUr9-KzpRiLCAt4Unrc-xIKmCU5qE9OMmpTsDO_PZ0.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUr9-KzpRiLCAt4Unrc-xIKmCU5qE9OMmpTtDO_.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUr9-KzpRiLCAt4Unrc-xIKmCU5qE9OMmpTtzO_PZ0.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUr9-KzpRiLCAt4Unrc-xIKmCU5qE9OMmpTujO_PZ0.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUr9-KzpRiLCAt4Unrc-xIKmCU5qE9OMmpTuzO_PZ0.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUr9-KzpRiLCAt4Unrc-xIKmCU5qE9OemxTsDO_PZ0.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUr9-KzpRiLCAt4Unrc-xIKmCU5qE9OemxTtDO_.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUr9-KzpRiLCAt4Unrc-xIKmCU5qE9OemxTtzO_PZ0.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUr9-KzpRiLCAt4Unrc-xIKmCU5qE9OemxTujO_PZ0.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUr9-KzpRiLCAt4Unrc-xIKmCU5qE9OemxTuzO_PZ0.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUu9-KzpRiLCAt4Unrc-xIKmCU5qE52i1dC.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUu9-KzpRiLCAt4Unrc-xIKmCU5qER2i1dC.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUu9-KzpRiLCAt4Unrc-xIKmCU5qEV2i1dC.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUu9-KzpRiLCAt4Unrc-xIKmCU5qEl2i1dC.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUu9-KzpRiLCAt4Unrc-xIKmCU5qEp2iw.woff2)
Source: chromecache_384.2.dr, chromecache_282.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/i/googlematerialicons/alert/v11/gm_grey200-36dp/2x/gm_alert_gm_grey200_3
Source: chromecache_384.2.dr, chromecache_282.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/i/googlematerialicons/alert/v11/gm_grey600-36dp/2x/gm_alert_gm_grey600_3
Source: chromecache_384.2.dr, chromecache_282.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/i/googlematerialicons/close/v19/gm_grey200-24dp/1x/gm_close_gm_grey200_2
Source: chromecache_384.2.dr, chromecache_282.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/i/googlematerialicons/close/v19/gm_grey600-24dp/1x/gm_close_gm_grey600_2
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/productsans/v19/pxiDypQkot1TnFhsFMOfGShVE9eOcEg.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/productsans/v19/pxiDypQkot1TnFhsFMOfGShVF9eO.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/productsans/v19/pxiDypQkot1TnFhsFMOfGShVFNeOcEg.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/productsans/v19/pxiDypQkot1TnFhsFMOfGShVGdeOcEg.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOkCnqEu92Fr1MmgVxEIzIFKw.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOkCnqEu92Fr1MmgVxFIzIFKw.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOkCnqEu92Fr1MmgVxGIzIFKw.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOkCnqEu92Fr1MmgVxHIzIFKw.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOkCnqEu92Fr1MmgVxIIzI.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOkCnqEu92Fr1MmgVxLIzIFKw.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOkCnqEu92Fr1MmgVxMIzIFKw.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBxc4EsA.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fCBc4EsA.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fCRc4EsA.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fBBc4.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fBxc4EsA.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fCBc4EsA.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fCRc4EsA.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fChc4EsA.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fCxc4EsA.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBxc4EsA.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfCBc4EsA.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfCRc4EsA.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4WxKOzY.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu5mxKOzY.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu72xKOzY.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu7GxKOzY.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu7WxKOzY.woff2)
Source: chromecache_309.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu7mxKOzY.woff2)
Source: chromecache_243.2.dr, chromecache_284.2.dr, chromecache_276.2.dr, chromecache_340.2.dr	String found in binary or memory: https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p
Source: chromecache_311.2.dr, chromecache_396.2.dr, chromecache_326.2.dr, chromecache_245.2.dr	String found in binary or memory: https://github.com/madler/zlib/blob/master/zlib.h
Source: chromecache_318.2.dr, chromecache_310.2.dr	String found in binary or memory: https://github.com/scottjehl/picturefill/blob/3.0.2/Authors.txt
Source: chromecache_295.2.dr, chromecache_301.2.dr	String found in binary or memory: https://grow.google/?utm_source=about&utm_medium=referral&utm_campaign=footer-link
Source: chromecache_301.2.dr	String found in binary or memory: https://grow.google/certificates/?utm_source=google&utm_medium=blog&utm_campaign=about-googl
Source: chromecache_379.2.dr	String found in binary or memory: https://gstatic.com/uservoice/surveys/resources/
Source: chromecache_295.2.dr, chromecache_301.2.dr	String found in binary or memory: https://health.google/?utm_source=about_google&utm_medium=web&utm_content=footer
Source: chromecache_364.2.dr, chromecache_379.2.dr	String found in binary or memory: https://help.youtube.com/tools/feedback/
Source: chromecache_396.2.dr, chromecache_326.2.dr	String found in binary or memory: https://i.ytimg.com/vi/
Source: chromecache_295.2.dr, chromecache_301.2.dr	String found in binary or memory: https://instagram.com/google/
Source: chromecache_396.2.dr, chromecache_326.2.dr	String found in binary or memory: https://jnn-pa.googleapis.com
Source: chromecache_295.2.dr, chromecache_301.2.dr	String found in binary or memory: https://learning.google/?utm_source=about&utm_medium=referral&utm_campaign=footer-link
Source: chromecache_295.2.dr, chromecache_301.2.dr	String found in binary or memory: https://learning.google/?utm_source=about.google&utm_medium=referral&utm_campaign=site-switc
Source: chromecache_380.2.dr, chromecache_273.2.dr	String found in binary or memory: https://lens.google.com
Source: chromecache_244.2.dr, chromecache_271.2.dr	String found in binary or memory: https://lens.google.com/gen204
Source: chromecache_273.2.dr	String found in binary or memory: https://lensfrontend-pa.clients6.google.com/v1/crupload
Source: chromecache_380.2.dr, chromecache_273.2.dr	String found in binary or memory: https://lensfrontend-pa.clients6.google.com/v1/gsessionid
Source: chromecache_301.2.dr	String found in binary or memory: https://lh3.googleusercontent.com/5mIriK_GH1r-k08AKLwXV_HZH7NeiGHeAda9B3NZrcKGiNUrKPG4ezclR3hGpsx5mM
Source: chromecache_301.2.dr	String found in binary or memory: https://lh3.googleusercontent.com/8z6h0V4mHRbBVKOIRQwDF6Jh0AlCZxF5AMpYy8_SSCgGiuYyy7sQKNaJ_N2oPnaVYH
Source: chromecache_301.2.dr	String found in binary or memory: https://lh3.googleusercontent.com/CMeutwvkARWLCyrjSLBqp0KSCGYBZoL7lYkoqLYS-utC81JRLRUwMvdDcNypJ_p7iS
Source: chromecache_301.2.dr	String found in binary or memory: https://lh3.googleusercontent.com/SlyChETIQJ7vYqlxu4X_R1i2HoXIqYtGBMTDWDmuJwFZBVvypnUvt8KvcWfQvOZW-G
Source: chromecache_301.2.dr	String found in binary or memory: https://lh3.googleusercontent.com/sbusTGfIzIf2EpK3j1EygXk_Qaq1i5WBMRKge7jsMHnU8IvJK2BR-rr7laSFVUBu3U
Source: chromecache_301.2.dr	String found in binary or memory: https://lh3.googleusercontent.com/zk_R49gFSp4jZTN2c7BL1BQo4cfVRFXxdu2EkHQFbIv7eLwRP2Q2GEFRCahfFIQ-Xg
Source: chromecache_364.2.dr, chromecache_379.2.dr	String found in binary or memory: https://localhost.corp.google.com/inapp/
Source: chromecache_364.2.dr, chromecache_379.2.dr	String found in binary or memory: https://localhost.proxy.googlers.com/inapp/
Source: FACTURAMAIL.html	String found in binary or memory: https://m.mail.com
Source: chromecache_396.2.dr, chromecache_326.2.dr	String found in binary or memory: https://music.youtube.com
Source: chromecache_297.2.dr	String found in binary or memory: https://ogads-pa.googleapis.com
Source: chromecache_394.2.dr	String found in binary or memory: https://ogs.google.com/
Source: chromecache_297.2.dr	String found in binary or memory: https://ogs.google.com/widget/app/so?eom=1
Source: chromecache_394.2.dr	String found in binary or memory: https://ogs.google.com/widget/callout
Source: chromecache_297.2.dr	String found in binary or memory: https://ogs.google.com/widget/callout?eom=1
Source: chromecache_297.2.dr	String found in binary or memory: https://ogs.google.com/widget/callout?prid=19037050
Source: chromecache_237.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com
Source: chromecache_355.2.dr, chromecache_278.2.dr, chromecache_236.2.dr, chromecache_389.2.dr, chromecache_298.2.dr, chromecache_237.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=tcfe
Source: chromecache_339.2.dr	String found in binary or memory: https://pay.google.com/gp/v/widget/save
Source: chromecache_295.2.dr, chromecache_301.2.dr	String found in binary or memory: https://play.google.com/?utm_source=about&utm_medium=referral&utm_campaign=footer-link
Source: chromecache_304.2.dr	String found in binary or memory: https://play.google.com/log?format=json&hasfast=true
Source: chromecache_319.2.dr, chromecache_235.2.dr, chromecache_320.2.dr, chromecache_339.2.dr	String found in binary or memory: https://play.google.com/work/embedded/search?usegapi=1&usegapi=1
Source: chromecache_404.2.dr, chromecache_339.2.dr	String found in binary or memory: https://plus.google.com
Source: chromecache_319.2.dr, chromecache_402.2.dr, chromecache_398.2.dr, chromecache_408.2.dr, chromecache_235.2.dr, chromecache_320.2.dr, chromecache_365.2.dr, chromecache_418.2.dr, chromecache_404.2.dr, chromecache_339.2.dr	String found in binary or memory: https://plus.googleapis.com
Source: chromecache_295.2.dr, chromecache_301.2.dr	String found in binary or memory: https://policies.google.com/privacy?utm_source=about&utm_medium=referral&utm_campaign=footer
Source: chromecache_295.2.dr, chromecache_301.2.dr	String found in binary or memory: https://policies.google.com/terms?utm_source=about&utm_medium=referral&utm_campaign=footer-l
Source: chromecache_295.2.dr, chromecache_301.2.dr	String found in binary or memory: https://publicpolicy.google/
Source: chromecache_337.2.dr, chromecache_348.2.dr	String found in binary or memory: https://push.clients6.google.com/upload/
Source: chromecache_326.2.dr	String found in binary or memory: https://redux.js.org/api/store#subscribelistener
Source: chromecache_396.2.dr, chromecache_326.2.dr	String found in binary or memory: https://redux.js.org/tutorials/fundamentals/part-4-store#creating-a-store-with-enhancers
Source: chromecache_396.2.dr, chromecache_326.2.dr	String found in binary or memory: https://redux.js.org/tutorials/fundamentals/part-4-store#middleware
Source: chromecache_396.2.dr, chromecache_326.2.dr	String found in binary or memory: https://redux.js.org/tutorials/fundamentals/part-6-async-logic#using-the-redux-thunk-middleware
Source: FACTURAMAIL.html	String found in binary or memory: https://s.uicdn.com/3c-cdn/mail/client/wicket/resource/org.apache.wicket.ajax.AbstractDefaultAjaxBeh
Source: FACTURAMAIL.html	String found in binary or memory: https://s.uicdn.com/3c-cdn/mail/client/wicket/resource/static-res/---/js/behavior-vEr-EC79B77633126C
Source: FACTURAMAIL.html	String found in binary or memory: https://s.uicdn.com/3c-cdn/mail/client/wicket/resource/static-res/---/js/core-vEr-87B19EB8C947E6FDD4
Source: FACTURAMAIL.html	String found in binary or memory: https://s.uicdn.com/3c-cdn/mail/client/wicket/resource/static-res/---/js/external-vEr-C4070C3FC38629
Source: FACTURAMAIL.html	String found in binary or memory: https://s.uicdn.com/3c-cdn/mail/client/wicket/resource/static-res/---/js/head-vEr-643ABA73EE31C7111A
Source: FACTURAMAIL.html	String found in binary or memory: https://s.uicdn.com/3c-cdn/mail/client/wicket/resource/static-res/---/js/jqueryui-vEr-DCEE588D7A13EA
Source: FACTURAMAIL.html	String found in binary or memory: https://s.uicdn.com/3c-cdn/mail/client/wicket/resource/static-res/---/normalize-vEr-C4993EF0FA346DF3
Source: FACTURAMAIL.html	String found in binary or memory: https://s.uicdn.com/3c-cdn/mail/client/wicket/resource/static-res/---/unified/mailcomblue-vEr-3A954E
Source: FACTURAMAIL.html	String found in binary or memory: https://s.uicdn.com/3c-cdn/mail/client/wicket/resource/static-res/en/js/language-vEr-DBA7FDE658B625A
Source: FACTURAMAIL.html	String found in binary or memory: https://s.uicdn.com/fd-cdn/lux-0.1.55/build/css/mail_com.css
Source: chromecache_295.2.dr, chromecache_301.2.dr	String found in binary or memory: https://safety.google/?utm_source=about&utm_medium=referral&utm_campaign=footer-link
Source: chromecache_295.2.dr, chromecache_301.2.dr	String found in binary or memory: https://safety.google/?utm_source=about.google&utm_medium=referral&utm_campaign=site-switche
Source: chromecache_364.2.dr, chromecache_379.2.dr	String found in binary or memory: https://sandbox.google.com/inapp/
Source: chromecache_364.2.dr, chromecache_379.2.dr	String found in binary or memory: https://sandbox.google.com/inapp/%
Source: chromecache_364.2.dr, chromecache_379.2.dr	String found in binary or memory: https://sandbox.google.com/tools/feedback/
Source: chromecache_364.2.dr, chromecache_379.2.dr	String found in binary or memory: https://sandbox.google.com/tools/feedback/%
Source: chromecache_364.2.dr, chromecache_379.2.dr	String found in binary or memory: https://scone-pa.clients6.google.com
Source: chromecache_318.2.dr, chromecache_310.2.dr	String found in binary or memory: https://scottjehl.github.io/picturefill/
Source: chromecache_276.2.dr, chromecache_340.2.dr	String found in binary or memory: https://services.google.com/fb/submissions/b4b6e987d69411eaa1952fe7ab995960/
Source: chromecache_276.2.dr, chromecache_340.2.dr	String found in binary or memory: https://services.google.com/fb/submissions/cwgsignup/
Source: chromecache_295.2.dr, chromecache_301.2.dr	String found in binary or memory: https://shopping.google.com/?nord=1?utm_source=about&utm_medium=referral&utm_campaign=footer
Source: chromecache_295.2.dr, chromecache_301.2.dr	String found in binary or memory: https://smallbusiness.withgoogle.com/?utm_source=about&utm_medium=referral&utm_campaign=foot
Source: chromecache_394.2.dr	String found in binary or memory: https://ssl.gstatic.com
Source: chromecache_398.2.dr, chromecache_404.2.dr	String found in binary or memory: https://ssl.gstatic.com/gb/js/
Source: chromecache_332.2.dr, chromecache_411.2.dr	String found in binary or memory: https://ssl.gstatic.com/images/icons/material/system/1x/done_black_16dp.png)
Source: chromecache_332.2.dr, chromecache_411.2.dr	String found in binary or memory: https://ssl.gstatic.com/images/icons/material/system/1x/done_white_16dp.png)
Source: chromecache_319.2.dr, chromecache_235.2.dr, chromecache_320.2.dr, chromecache_339.2.dr	String found in binary or memory: https://ssl.gstatic.com/microscope/embed/
Source: chromecache_332.2.dr, chromecache_411.2.dr	String found in binary or memory: https://ssl.gstatic.com/ui/v1/menu/checkmark2-light.png)
Source: chromecache_332.2.dr, chromecache_411.2.dr	String found in binary or memory: https://ssl.gstatic.com/ui/v1/menu/checkmark2.png)
Source: chromecache_379.2.dr	String found in binary or memory: https://stagingqual-feedback-pa-googleapis.sandbox.google.com
Source: chromecache_355.2.dr, chromecache_278.2.dr, chromecache_389.2.dr, chromecache_237.2.dr	String found in binary or memory: https://stats.g.doubleclick.net/g/collect
Source: chromecache_307.2.dr	String found in binary or memory: https://stats.g.doubleclick.net/j/collect
Source: chromecache_330.2.dr, chromecache_324.2.dr	String found in binary or memory: https://storage.googleapis.com/gweb-uniblog-publish-prod/images/Advanced_Clean_Energy.max-300x300.pn
Source: chromecache_330.2.dr, chromecache_259.2.dr, chromecache_324.2.dr, chromecache_371.2.dr	String found in binary or memory: https://storage.googleapis.com/gweb-uniblog-publish-prod/images/Dec_AI_Roundup_social_share.max-300x
Source: chromecache_330.2.dr, chromecache_259.2.dr, chromecache_324.2.dr, chromecache_371.2.dr	String found in binary or memory: https://storage.googleapis.com/gweb-uniblog-publish-prod/images/Gmail_Holiday_Scams.max-300x300.png
Source: chromecache_330.2.dr, chromecache_259.2.dr, chromecache_324.2.dr, chromecache_371.2.dr	String found in binary or memory: https://storage.googleapis.com/gweb-uniblog-publish-prod/images/Ink_2024-Wrap-Up_2096x1182.max-300x3
Source: chromecache_259.2.dr, chromecache_371.2.dr	String found in binary or memory: https://storage.googleapis.com/gweb-uniblog-publish-prod/images/Keyword_Autofill_Header_V2.max-300x3
Source: chromecache_330.2.dr, chromecache_324.2.dr	String found in binary or memory: https://storage.googleapis.com/gweb-uniblog-publish-prod/images/LeeAnnMullholland379.width-122.forma
Source: chromecache_330.2.dr, chromecache_324.2.dr	String found in binary or memory: https://storage.googleapis.com/gweb-uniblog-publish-prod/images/LeeAnnMullholland379.width-244.forma
Source: chromecache_330.2.dr, chromecache_324.2.dr	String found in binary or memory: https://storage.googleapis.com/gweb-uniblog-publish-prod/images/OHS_for_Developers_v2.max-300x300.pn
Source: chromecache_259.2.dr, chromecache_371.2.dr	String found in binary or memory: https://storage.googleapis.com/gweb-uniblog-publish-prod/images/Screenshots_Hero.max-300x300.png
Source: chromecache_330.2.dr, chromecache_259.2.dr, chromecache_324.2.dr, chromecache_371.2.dr	String found in binary or memory: https://storage.googleapis.com/gweb-uniblog-publish-prod/images/gen_ai_use_cases_cropped.max-300x300
Source: chromecache_371.2.dr	String found in binary or memory: https://storage.googleapis.com/gweb-uniblog-publish-prod/images/superG_v3.width-122.format-webp.webp
Source: chromecache_371.2.dr	String found in binary or memory: https://storage.googleapis.com/gweb-uniblog-publish-prod/images/superG_v3.width-244.format-webp.webp
Source: chromecache_259.2.dr, chromecache_371.2.dr	String found in binary or memory: https://storage.googleapis.com/gweb-uniblog-publish-prod/images/unnamed_59_2.max-300x300.png
Source: chromecache_259.2.dr, chromecache_371.2.dr	String found in binary or memory: https://storage.googleapis.com/gweb-uniblog-publish-prod/images/unnamed_5_skVBvw8.width-122.format-w
Source: chromecache_259.2.dr, chromecache_371.2.dr	String found in binary or memory: https://storage.googleapis.com/gweb-uniblog-publish-prod/images/unnamed_5_skVBvw8.width-244.format-w
Source: chromecache_330.2.dr, chromecache_324.2.dr	String found in binary or memory: https://storage.googleapis.com/gweb-uniblog-publish-prod/original_images/Business-Trend_SocialShare.
Source: chromecache_330.2.dr, chromecache_259.2.dr, chromecache_324.2.dr, chromecache_371.2.dr	String found in binary or memory: https://storage.googleapis.com/gweb-uniblog-publish-prod/original_images/Lens_Tips_Blog_Hero.png
Source: chromecache_371.2.dr	String found in binary or memory: https://storage.googleapis.com/gweb-uniblog-publish-prod/original_images/louw.max-2800x2800.jpg
Source: chromecache_295.2.dr, chromecache_301.2.dr	String found in binary or memory: https://store.google.com/?utm_source=about&utm_medium=referral&utm_campaign=footer-link
Source: chromecache_301.2.dr	String found in binary or memory: https://store.google.com/ideas/google-pixel-phones/?utm_source=about&utm_medium=google_oo&ut
Source: chromecache_379.2.dr	String found in binary or memory: https://support.google.com/
Source: chromecache_301.2.dr	String found in binary or memory: https://support.google.com/?hl=en
Source: chromecache_301.2.dr	String found in binary or memory: https://support.google.com/?hl=en/?utm_source=about&utm_medium=referral&utm_campaign=footer-
Source: chromecache_364.2.dr, chromecache_379.2.dr	String found in binary or memory: https://support.google.com/inapp/
Source: chromecache_364.2.dr, chromecache_379.2.dr	String found in binary or memory: https://support.google.com/inapp/%
Source: chromecache_380.2.dr, chromecache_273.2.dr	String found in binary or memory: https://support.google.com/websearch/answer/106230
Source: chromecache_396.2.dr, chromecache_326.2.dr	String found in binary or memory: https://support.google.com/youtube/?p=missing_quality
Source: chromecache_396.2.dr, chromecache_326.2.dr	String found in binary or memory: https://support.google.com/youtube/?p=noaudio
Source: chromecache_396.2.dr, chromecache_326.2.dr	String found in binary or memory: https://support.google.com/youtube/?p=report_playback
Source: chromecache_326.2.dr	String found in binary or memory: https://support.google.com/youtube/answer/3037019#check_ad_blockers&zippy=%2Ccheck-your-extensions-i
Source: chromecache_396.2.dr, chromecache_326.2.dr	String found in binary or memory: https://support.google.com/youtube/answer/6276924
Source: chromecache_295.2.dr, chromecache_301.2.dr	String found in binary or memory: https://sustainability.google/?utm_source=about&utm_medium=referral&utm_campaign=footer-link
Source: chromecache_295.2.dr, chromecache_301.2.dr	String found in binary or memory: https://sustainability.google/?utm_source=about.google&utm_medium=referral&utm_campaign=site
Source: chromecache_295.2.dr, chromecache_301.2.dr	String found in binary or memory: https://sustainability.google/progress/supplier-responsibility/
Source: chromecache_397.2.dr, chromecache_307.2.dr	String found in binary or memory: https://tagassistant.google.com/
Source: chromecache_319.2.dr, chromecache_235.2.dr, chromecache_320.2.dr, chromecache_339.2.dr	String found in binary or memory: https://talkgadget.google.com/:session_prefix:talkgadget/_/widget
Source: chromecache_355.2.dr, chromecache_278.2.dr, chromecache_236.2.dr, chromecache_389.2.dr, chromecache_298.2.dr, chromecache_237.2.dr	String found in binary or memory: https://td.doubleclick.net
Source: chromecache_364.2.dr, chromecache_379.2.dr	String found in binary or memory: https://test-scone-pa-googleapis.sandbox.google.com
Source: chromecache_295.2.dr, chromecache_301.2.dr	String found in binary or memory: https://transparency.google
Source: chromecache_295.2.dr, chromecache_301.2.dr	String found in binary or memory: https://transparencyreport.google.com/?utm_source=about&utm_medium=referral&utm_campaign=foo
Source: chromecache_301.2.dr	String found in binary or memory: https://trends.withgoogle.com/year-in-search/2024/?utm_source=about.google&utm_medium=referral&a
Source: chromecache_295.2.dr, chromecache_301.2.dr	String found in binary or memory: https://twitter.com/google
Source: chromecache_290.2.dr, chromecache_380.2.dr, chromecache_336.2.dr, chromecache_273.2.dr	String found in binary or memory: https://uberproxy-pen-redirect.corp.google.com/uberproxy/pen?url=
Source: chromecache_396.2.dr, chromecache_326.2.dr	String found in binary or memory: https://viacon.corp.google.com
Source: chromecache_319.2.dr, chromecache_402.2.dr, chromecache_398.2.dr, chromecache_408.2.dr, chromecache_235.2.dr, chromecache_320.2.dr, chromecache_365.2.dr, chromecache_418.2.dr, chromecache_404.2.dr, chromecache_339.2.dr	String found in binary or memory: https://workspace.google.com/:session_prefix:marketplace/appfinder?usegapi=1
Source: chromecache_295.2.dr, chromecache_301.2.dr	String found in binary or memory: https://workspace.google.com/?utm_source=about&utm_medium=referral&utm_campaign=footer-link
Source: chromecache_295.2.dr, chromecache_301.2.dr	String found in binary or memory: https://www.android.com/?utm_source=about&utm_medium=referral&utm_campaign=footer-link
Source: chromecache_295.2.dr, chromecache_301.2.dr	String found in binary or memory: https://www.blog.google/?utm_source=about&utm_medium=referral&utm_campaign=footer-link
Source: chromecache_295.2.dr, chromecache_301.2.dr	String found in binary or memory: https://www.blog.google/?utm_source=about.google&utm_medium=referral&utm_campaign=nav-the-ke
Source: chromecache_276.2.dr, chromecache_340.2.dr	String found in binary or memory: https://www.blog.google/api/v2/latest/?show_hero=true&tags=
Source: chromecache_276.2.dr, chromecache_340.2.dr	String found in binary or memory: https://www.blog.google/api/v2/latest/?tags=
Source: chromecache_295.2.dr, chromecache_301.2.dr	String found in binary or memory: https://www.blog.google/press/?utm_source=about&utm_medium=referral&utm_campaign=footer-link
Source: chromecache_236.2.dr, chromecache_298.2.dr	String found in binary or memory: https://www.google-analytics.com/analytics.js
Source: chromecache_397.2.dr, chromecache_307.2.dr	String found in binary or memory: https://www.google-analytics.com/debug/bootstrap?id=
Source: chromecache_397.2.dr, chromecache_307.2.dr	String found in binary or memory: https://www.google-analytics.com/gtm/js?id=
Source: chromecache_380.2.dr, chromecache_273.2.dr	String found in binary or memory: https://www.google.
Source: chromecache_397.2.dr, chromecache_307.2.dr	String found in binary or memory: https://www.google.%/ads/ga-audiences
Source: chromecache_364.2.dr, chromecache_379.2.dr	String found in binary or memory: https://www.google.cn/tools/feedback/
Source: chromecache_364.2.dr, chromecache_379.2.dr	String found in binary or memory: https://www.google.cn/tools/feedback/%
Source: chromecache_237.2.dr	String found in binary or memory: https://www.google.com
Source: chromecache_295.2.dr, chromecache_301.2.dr	String found in binary or memory: https://www.google.com/?utm_source=about&utm_medium=referral&utm_campaign=footer-link
Source: chromecache_297.2.dr	String found in binary or memory: https://www.google.com/_/og/promos/
Source: chromecache_295.2.dr, chromecache_301.2.dr	String found in binary or memory: https://www.google.com/accessibility/?utm_source=about&utm_medium=referral&utm_campaign=foot
Source: chromecache_397.2.dr, chromecache_307.2.dr	String found in binary or memory: https://www.google.com/ads/ga-audiences
Source: chromecache_295.2.dr, chromecache_301.2.dr	String found in binary or memory: https://www.google.com/chrome/?utm_source=about&utm_medium=referral&utm_campaign=footer-link
Source: chromecache_276.2.dr, chromecache_340.2.dr	String found in binary or memory: https://www.google.com/doodles/history/%
Source: chromecache_295.2.dr, chromecache_301.2.dr	String found in binary or memory: https://www.google.com/gmail/about/?utm_source=about&utm_medium=referral&utm_campaign=footer
Source: chromecache_394.2.dr	String found in binary or memory: https://www.google.com/images/hpp/ic_wahlberg_product_core_48.png8.png
Source: chromecache_297.2.dr	String found in binary or memory: https://www.google.com/intl/en/about/products
Source: chromecache_290.2.dr, chromecache_380.2.dr, chromecache_336.2.dr, chromecache_273.2.dr	String found in binary or memory: https://www.google.com/log?format=json&hasfast=true
Source: chromecache_295.2.dr, chromecache_301.2.dr	String found in binary or memory: https://www.google.com/maps/about/?utm_source=about&utm_medium=referral&utm_campaign=footer-
Source: chromecache_295.2.dr, chromecache_301.2.dr	String found in binary or memory: https://www.google.com/photos/about/?utm_source=about&utm_medium=referral&utm_campaign=foote
Source: chromecache_319.2.dr, chromecache_235.2.dr, chromecache_320.2.dr, chromecache_339.2.dr	String found in binary or memory: https://www.google.com/shopping/customerreviews/badge?usegapi=1
Source: chromecache_319.2.dr, chromecache_235.2.dr, chromecache_320.2.dr, chromecache_339.2.dr	String found in binary or memory: https://www.google.com/shopping/customerreviews/optin?usegapi=1
Source: chromecache_379.2.dr	String found in binary or memory: https://www.google.com/tools/feedback
Source: chromecache_364.2.dr, chromecache_379.2.dr	String found in binary or memory: https://www.google.com/tools/feedback/
Source: chromecache_364.2.dr, chromecache_379.2.dr	String found in binary or memory: https://www.google.com/tools/feedback/%
Source: chromecache_379.2.dr	String found in binary or memory: https://www.google.com/tools/feedback/help_panel_binary.js
Source: chromecache_394.2.dr	String found in binary or memory: https://www.google.com/url?q
Source: chromecache_297.2.dr	String found in binary or memory: https://www.google.com/url?q=https://accounts.google.com/signin/v2/identifier%3Fec%3Dfutura_hpp_co_s
Source: chromecache_295.2.dr, chromecache_301.2.dr	String found in binary or memory: https://www.google.org/?utm_source=about&utm_medium=referral&utm_campaign=footer-link
Source: chromecache_355.2.dr, chromecache_278.2.dr, chromecache_236.2.dr, chromecache_389.2.dr, chromecache_298.2.dr, chromecache_237.2.dr	String found in binary or memory: https://www.googleadservices.com
Source: chromecache_404.2.dr	String found in binary or memory: https://www.googleapis.com/auth/plus.login
Source: chromecache_404.2.dr	String found in binary or memory: https://www.googleapis.com/auth/plus.me
Source: chromecache_404.2.dr	String found in binary or memory: https://www.googleapis.com/auth/plus.people.recommended
Source: chromecache_398.2.dr, chromecache_404.2.dr	String found in binary or memory: https://www.googleapis.com/auth/userinfo.email
Source: chromecache_398.2.dr, chromecache_404.2.dr	String found in binary or memory: https://www.googleapis.com/auth/userinfo.profile
Source: chromecache_396.2.dr, chromecache_326.2.dr	String found in binary or memory: https://www.googleapis.com/certificateprovisioning/v1/devicecertificates/create?key=AIzaSyB-5OLKTx2i
Source: chromecache_237.2.dr	String found in binary or memory: https://www.googletagmanager.com
Source: chromecache_397.2.dr, chromecache_307.2.dr	String found in binary or memory: https://www.googletagmanager.com/gtag/js?id=
Source: chromecache_295.2.dr, chromecache_301.2.dr	String found in binary or memory: https://www.googletagmanager.com/gtm.js?id=
Source: chromecache_295.2.dr, chromecache_301.2.dr	String found in binary or memory: https://www.googletagmanager.com/ns.html?id=GTM-WQZB4J
Source: chromecache_270.2.dr, chromecache_394.2.dr, chromecache_253.2.dr	String found in binary or memory: https://www.gstatic.com
Source: chromecache_394.2.dr	String found in binary or memory: https://www.gstatic.com/_/boq-one-google/_/r/
Source: chromecache_394.2.dr	String found in binary or memory: https://www.gstatic.com/_/mss/boq-one-google/_/js/k=boq-one-google.OneGoogleWidgetUi.en.HqBC0LaFZR4.
Source: chromecache_351.2.dr, chromecache_296.2.dr	String found in binary or memory: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Source: chromecache_295.2.dr, chromecache_301.2.dr	String found in binary or memory: https://www.gstatic.com/external_hosted/lottie_player/lottie_player_binary-bundle.js
Source: chromecache_384.2.dr, chromecache_282.2.dr	String found in binary or memory: https://www.gstatic.com/gb/html/afbp.html
Source: chromecache_295.2.dr, chromecache_301.2.dr	String found in binary or memory: https://www.gstatic.com/glue/cookienotificationbar/cookienotificationbar.min.css
Source: chromecache_295.2.dr, chromecache_301.2.dr	String found in binary or memory: https://www.gstatic.com/glue/cookienotificationbar/cookienotificationbar.min.js
Source: chromecache_295.2.dr, chromecache_301.2.dr	String found in binary or memory: https://www.gstatic.com/glue/polyfill.min.js
Source: chromecache_301.2.dr	String found in binary or memory: https://www.gstatic.com/images/branding/googleg/2x/googleg_standard_color_120dp.png
Source: chromecache_384.2.dr, chromecache_282.2.dr	String found in binary or memory: https://www.gstatic.com/images/icons/material/anim/mspin/mspin_googcolor_medium.css
Source: chromecache_384.2.dr, chromecache_282.2.dr	String found in binary or memory: https://www.gstatic.com/images/icons/material/anim/mspin/mspin_googcolor_small.css
Source: chromecache_282.2.dr	String found in binary or memory: https://www.gstatic.com/images/icons/material/system/1x/broken_image_grey600_18dp.png
Source: chromecache_384.2.dr, chromecache_282.2.dr	String found in binary or memory: https://www.gstatic.com/images/icons/material/system/2x/broken_image_grey600_18dp.png
Source: chromecache_297.2.dr	String found in binary or memory: https://www.gstatic.com/og/_/js/k=og.qtm.en_US.rX6uZdQxZxU.2019.O/rt=j/m=qabr
Source: chromecache_297.2.dr	String found in binary or memory: https://www.gstatic.com/og/_/ss/k=og.qtm.CEsjJf2wziM.L.W.O/m=qcwid
Source: chromecache_319.2.dr, chromecache_235.2.dr, chromecache_320.2.dr, chromecache_339.2.dr	String found in binary or memory: https://www.gstatic.com/partners/badge/templates/badge.html?usegapi=1
Source: chromecache_379.2.dr	String found in binary or memory: https://www.gstatic.com/uservoice/feedback/client/web/
Source: chromecache_379.2.dr	String found in binary or memory: https://www.gstatic.com/uservoice/surveys/resources/
Source: chromecache_396.2.dr, chromecache_326.2.dr	String found in binary or memory: https://www.gstatic.com/ytlr/img/sign_in_avatar_default.png?rn=
Source: chromecache_295.2.dr, chromecache_301.2.dr	String found in binary or memory: https://www.linkedin.com/company/google
Source: chromecache_362.2.dr, chromecache_238.2.dr	String found in binary or memory: https://www.mailvelope.com
Source: chromecache_355.2.dr, chromecache_278.2.dr, chromecache_389.2.dr, chromecache_237.2.dr	String found in binary or memory: https://www.merchant-center-analytics.goog
Source: chromecache_256.2.dr	String found in binary or memory: https://www.youtube.com
Source: chromecache_276.2.dr, chromecache_340.2.dr	String found in binary or memory: https://www.youtube.com/
Source: chromecache_295.2.dr, chromecache_301.2.dr	String found in binary or memory: https://www.youtube.com/?utm_source=about&utm_medium=referral&utm_campaign=footer-link
Source: chromecache_396.2.dr, chromecache_326.2.dr	String found in binary or memory: https://www.youtube.com/api/drm/fps?ek=
Source: chromecache_396.2.dr, chromecache_326.2.dr	String found in binary or memory: https://www.youtube.com/generate_204?cpn=
Source: chromecache_340.2.dr, chromecache_298.2.dr	String found in binary or memory: https://www.youtube.com/iframe_api
Source: chromecache_319.2.dr, chromecache_235.2.dr, chromecache_320.2.dr, chromecache_339.2.dr	String found in binary or memory: https://www.youtube.com/subscribe_embed?usegapi=1
Source: chromecache_295.2.dr, chromecache_301.2.dr	String found in binary or memory: https://www.youtube.com/user/Google
Source: chromecache_396.2.dr, chromecache_326.2.dr	String found in binary or memory: https://youtu.be/
Source: chromecache_326.2.dr	String found in binary or memory: https://youtube.com/api/drm/fps?ek=uninitialized
Source: chromecache_396.2.dr, chromecache_326.2.dr	String found in binary or memory: https://youtubei.googleapis.com/youtubei/
Source: chromecache_396.2.dr, chromecache_326.2.dr	String found in binary or memory: https://yurt.corp.google.com

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49986
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49985
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49863
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49862
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49860
Source: unknown	Network traffic detected: HTTP traffic on port 49898 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49852 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50498 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 50452 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49979
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49978
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49977
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49976
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49854
Source: unknown	Network traffic detected: HTTP traffic on port 49841 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49975
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49974
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49852
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49851
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49850
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50506
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50507
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50600 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49909 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49943 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49849
Source: unknown	Network traffic detected: HTTP traffic on port 49978 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49846
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49845
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49844
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49965
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49964
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49842
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50512
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49841
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49840
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49961
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50514
Source: unknown	Network traffic detected: HTTP traffic on port 50464 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50108 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49933 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49839
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49837
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49836
Source: unknown	Network traffic detected: HTTP traffic on port 49921 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49835
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49956
Source: unknown	Network traffic detected: HTTP traffic on port 50326 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49834
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49955
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49833
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49953
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49952
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49951
Source: unknown	Network traffic detected: HTTP traffic on port 49839 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49950
Source: unknown	Network traffic detected: HTTP traffic on port 50555 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49944 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50507 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49955 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49829
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49949
Source: unknown	Network traffic detected: HTTP traffic on port 50210 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49948
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49947
Source: unknown	Network traffic detected: HTTP traffic on port 50382 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49824
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49944
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49943
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 50556 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 50462 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50579 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49899
Source: unknown	Network traffic detected: HTTP traffic on port 50347 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49898
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 49862 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50095 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49911 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49851 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50084 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50497 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50313 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 49863 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 50166 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50506 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49840 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50050 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49956 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49979 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49996
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50600
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50463 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50109 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49934 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49988
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49866
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49987
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50579
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50210
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50452
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50332
Source: unknown	Network traffic detected: HTTP traffic on port 50094 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49849 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49900 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50227
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50469
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50347
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50108
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50229
Source: unknown	Network traffic detected: HTTP traffic on port 49837 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49975 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50109
Source: unknown	Network traffic detected: HTTP traffic on port 49929 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50460
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50463
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50584
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50462
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50464
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50346
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50103
Source: unknown	Network traffic detected: HTTP traffic on port 49964 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50470
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50512 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50472
Source: unknown	Network traffic detected: HTTP traffic on port 49918 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50558 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50594
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50113
Source: unknown	Network traffic detected: HTTP traffic on port 49986 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50127 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50127
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 49952 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50362
Source: unknown	Network traffic detected: HTTP traffic on port 50093 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50535 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50082 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50535
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50594 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50315 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49965 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49977 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50362 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50547
Source: unknown	Network traffic detected: HTTP traffic on port 50173 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50549
Source: unknown	Network traffic detected: HTTP traffic on port 49919 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50547 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49988 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50315
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50556
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50559
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50316
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50558
Source: unknown	Network traffic detected: HTTP traffic on port 49976 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49953 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50551
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50550
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50313
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50555
Source: unknown	Network traffic detected: HTTP traffic on port 49860 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50326
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50206
Source: unknown	Network traffic detected: HTTP traffic on port 50316 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50559 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50322
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50564
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50321
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50565
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50290 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49987 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50514 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49949 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50179
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50057
Source: unknown	Network traffic detected: HTTP traffic on port 49961 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50063
Source: unknown	Network traffic detected: HTTP traffic on port 50584 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49950 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49996 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50148 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50113 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50469 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50191
Source: unknown	Network traffic detected: HTTP traffic on port 50159 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50192
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50227 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50470 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50550 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50147 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49834 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50332 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50078
Source: unknown	Network traffic detected: HTTP traffic on port 50057 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50079
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50082
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50084
Source: unknown	Network traffic detected: HTTP traffic on port 50549 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50089
Source: unknown	Network traffic detected: HTTP traffic on port 50079 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50094
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50093
Source: unknown	Network traffic detected: HTTP traffic on port 50023 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50095
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50170 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49951 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49974 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49836 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50375
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50498
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50497
Source: unknown	Network traffic detected: HTTP traffic on port 50078 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50382
Source: unknown	Network traffic detected: HTTP traffic on port 49845 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50023
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50148
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50147
Source: unknown	Network traffic detected: HTTP traffic on port 49985 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50103 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50156
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50159
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50158
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49824 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50283
Source: unknown	Network traffic detected: HTTP traffic on port 50089 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50551 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50171 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49835 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50042
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50166
Source: unknown	Network traffic detected: HTTP traffic on port 50375 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50290
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50050
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50171
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50170
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50173
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49846 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50042 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50283 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49935 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49866 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50564 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50472 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49901 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50346 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49844 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49947 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50099 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50156 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50192 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown	Network traffic detected: HTTP traffic on port 49842 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50229 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50097
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50099
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50206 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50158 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49833 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50565 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49935
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49934
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49933
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown	Network traffic detected: HTTP traffic on port 49925 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50321 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49929
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49925
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49921
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50063 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50191 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49854 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50179 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50322 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49919
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49918
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49911
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49948 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49899 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50097 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50460 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49909
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49901
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49900

Source: classification engine

Classification label: mal48.winHTML@34/286@92/28

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "C:\Users\user\Desktop\FACTURAMAIL.html"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2504 --field-trial-handle=2452,i,15626069555175350645,14308672974480605932,262144 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5724 --field-trial-handle=2452,i,15626069555175350645,14308672974480605932,262144 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3232 --field-trial-handle=2452,i,15626069555175350645,14308672974480605932,262144 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2504 --field-trial-handle=2452,i,15626069555175350645,14308672974480605932,262144 /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5724 --field-trial-handle=2452,i,15626069555175350645,14308672974480605932,262144 /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3232 --field-trial-handle=2452,i,15626069555175350645,14308672974480605932,262144 /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Source:	Binary string: _.Pdb=function(){var a,b;return _.Bg(function(c){if((a=window.scheduler)==null?0:a.yield)return c.return(window.scheduler.yield());((b=window.scheduler)==null?0:b.postTask)&&window.scheduler.postTask(function(){},{priority:"user-blocking"});return c.return(new Promise(function(d){window.setTimeout(function(){d()},0)}))})}; source: chromecache_380.2.dr, chromecache_273.2.dr
Source:	Binary string: _.m.replaceState=function(){return _.zh("InternalHistory","replaceState")};_.Vn(z4a,Ubb);_.Vbb=_.Jya;var Wbb=_.Qr("fvjcPb",[_.Rr]);_.Xbb=_.Sd("US1EU",[Wbb]);_.Ybb=_.Sd("BgyPPc",[Z$a]);_.Zbb=_.Sd("UBGcdd",[aab]);_.$bb=_.Sd("eSFC5c");_.acb=_.Sd("B6b85");_.bcb=_.Sd("pPxdAd");_.ccb=_.Sd("TPCh7b");_.dcb=_.Sd("NsiCRb");_.ecb=_.Sd("BkiHtd");_.fcb=_.Sd("K6ZEbf");_.gcb=_.Sd("TwdwWc",[]);_.hcb=_.Sd("C0JoAb");_.icb=_.Sd("R8gt1");_.jcb=_.Sd("yvBIXc");_.kcb=_.Sd("hwYI4c",[hab]);_.lcb=_.Sd("GTaNlc");_.mcb=_.Sd("g6ZUob");_.ncb=_.Sd("xkctJ");_.ocb=_.Sd("vo3XM");_.pcb=_.Sd("YgAQTc",[]);_.qcb=_.Sd("dbr2Mc");_.rcb=_.Sd("krRYtf");_.scb=_.Sd("yWCO4c");_.tcb=_.Sd("nVG46b");_.ucb=_.Sd("gsJLOc",[]);_.vcb=_.Sd("G29HYe",[m7a]);_.wcb=_.Sd("h4qzS",[wab]);_.xcb=_.Sd("YhmRB");_.ycb=_.Sd("wciyUe",[]);_.zcb=_.Sd("Il1M4b");_.Acb=_.Sd("vWfZ8c",[Kab]);_.Bcb=_.Sd("KRDUUb");_.Ccb=_.Sd("hQ97re");_.Dcb=_.Sd("iK2sb");_.Ecb=_.Sd("soVptf");_.Fcb=_.Sd("YeKaq");_.Gcb=_.Sd("Odo3Od");_.Hcb=_.Sd("d7NTy");_.Icb=_.Sd("VQ7Yuf");_.Jcb=_.Sd("M0VQbd");_.Kcb=_.Sd("dhjipe",[abb]);_.Lcb=_.Sd("lBp0",[_.n$a]);_.Mcb=_.Sd("CJRYDf",[_.Or]);_.Ncb=_.Sd("Z8Pdh");_.Ocb=_.Sd("a70q7b");_.Pcb=_.Sd("sfFTle",[ibb]);_.Qcb=_.Sd("nv86s",[lbb]);_.Rcb=_.Sd("H1Onzb");_.Scb=_.Sd("QE3hvd");_.Tcb=_.Sd("pPIvie",[_.Rr]);_.Ucb=_.Sd("XwhUEb",[]);_.Vcb=_.Sd("Kmnn6b");_.Wcb=_.Sd("FrcyJe");_.Xcb=_.Sd("xkjGve",[_.j$a]);_.Ycb=_.Sd("E2zlIf");var Zcb=_.Qr("uxcEeb",[_.Rr]);_.$cb=_.Sd("LR64x",[Zcb]);_.adb=_.Sd("HZnJ6");_.bdb=_.Sd("v74Vad");_.cdb=_.Sd("J2YIUd");_.ddb=_.Sd("Y2XuT");_.edb=_.Sd("O1Rq3");_.fdb=_.Sd("LHCaNd",[]);_.gdb=_.Sd("wKdTle",[_.Or,_.L4a]);_.Zr=_.Sd("Fdd8nd",[_.gdb,_.Vr,_.Cg]);_.hdb=_.Sd("b6vcbb",[_.Mr]);_.idb=_.Sd("ttQ27",[_.jg,_.Ko,_.Zr,_.gdb]);_.jdb=_.Sd("SGpRce",[_.jg,_.Zr,_.hdb,_.gdb]);_.kdb=_.Sd("lcrkwe",[_.jg,_.CYa,_.Ko,_.gdb,_.AYa,_.jdb,_.idb]);_.ldb=_.Sd("CpWC2d",[]);_.mdb=_.Sd("j9Yuyc",[]);_.ndb=_.Sd("ofjVkb",[_.Qn]);_.odb=_.Sd("rlHKFc",[_.Kr]);_.pdb=_.Sd("sZnyj",[]);_.qdb=_.Sd("jn2sGd",[_.Or]);_.rdb=_.Sd("p4LrCe",[]);_.sdb=_.Sd("k0T3Ub",[_.rdb]);var tdb=function(){};_.m=tdb.prototype;_.m.eD=function(a){return oya().eD(a)};_.m.setTimeout=function(a,b){var c=_.Nc.apply(2,arguments),d;return(d=oya()).setTimeout.apply(d,[a,b].concat(_.pd(c)))};_.m.setInterval=function(a,b){var c=_.Nc.apply(2,arguments),d;return(d=oya()).setInterval.apply(d,[a,b].concat(_.pd(c)))};_.m.clearTimeout=function(a){return oya().clearTimeout(a)};_.m.clearInterval=function(a){return oya().clearInterval(a)};_.$r=new tdb; source: chromecache_380.2.dr, chromecache_273.2.dr
Source:	Binary string: _.m.clearTimeout=function(a){_.$r.clearTimeout(a)};_.m.clearInterval=function(a){_.$r.clearInterval(a)};_.m.setInterval=function(a,b){return _.$r.setInterval.apply(_.$r,[a,b].concat(_.pd(_.Nc.apply(2,arguments))))};var bfb=function(a){if(!a.vba){var b=a.play;a.play=function(){var c=b.call(a),d=a.ih();if(d!==Infinity){var e=window.setTimeout(function(){return a.finish()},d);d=function(){return void window.clearTimeout(e)};c.then(d,d)}return c};a.vba=!0}};afb.prototype.yield=function(){return _.Pdb()}; source: chromecache_380.2.dr, chromecache_273.2.dr
Source:	Binary string: 3)){Z.yb(5);break}return Z.yield(e.fEb,6);case 6:k=Z.oa;if(nwa(b,3,f))return Z.return();if(!(b.dh<3)){Z.yb(5);break}return Z.yield(d.pdb(b,k),8);case 8:b.dh=3;case 5:if(nwa(b,4,f))return Z.return();(l=c)==null\|\|l.DIa();b.dh<4&&(e.WBa=d.pEb(b),b.dh=4);p=e.WBa;if(nwa(b,5,f))return Z.return();b.dh<5&&((q=e).ov!=null\|\|(q.ov=d.xBb(b)),b.dh=5);if(nwa(b,6,f))return Z.return();if(b.dh<6)try{e.lda=d.RY(b),b.dh=6}catch(ba){}e.lda&&((v=c)==null\|\|v.mva());if(!d.isActive(b)){Z.yb(9);break}return Z.yield(d.Yhb(b, source: chromecache_380.2.dr, chromecache_273.2.dr

Source: chromecache_330.2.dr, chromecache_324.2.dr

Binary or memory string: ","url":"/outreach-initiatives/public-policy/google-remedies-proposal-dec-2024/"},{"published_node":"<time class=\"uni-timesince\" datetime=\"2024-12-19 18:00:00+00:00\">Dec 2024</time>","page_id":71014,"category":"article","go_live_date_time":"2024-12-19|18:00","word_count":11786,"secondary_tags":"AI","content_category":"Announcement","hero":"https://storage.googleapis.com/gweb-uniblog-publish-prod/images/gen_ai_use_cases_cropped.max-300x300.jpg","short_body":null,"full_url":"https://blog.google/products/google-cloud/gen-ai-business-use-cases/","days_since_published":18,"eyebrow":"<time class=\"uni-timesince\" datetime=\"2024-12-19 18:00:00+00:00\" aria-label=\"December 2024\">Dec 2024</time> / Google Cloud","main_hero_image":null,"tag_name":"Google Cloud","content_type":"article page","sitespace_render":"","tags":"google-cloud,ai","tag":"google-cloud","sitespace":"","author":"Brian Hall","author_list":[{"display_name":"Brian Hall","assigned_job_title":"Vice President, Product Marketing, Google Cloud","image_renditions":null,"author_page":null}],"published":"2024-12-19T18:00:00Z","slug":"gen-ai-business-use-cases","published_readable_date":"Dec 2024","analytics_properties":{"has_carousel":"no","has_image":"yes","has_audio":"no","has_video":"yes","hero_media_type":"image"},"body_text":null,"tag_eyebrow":"https://blog.google/products/google-cloud/","headline":"321 real-world gen AI use cases from the world's leading organizations","summary":"A snapshot of how top companies, governments, researchers and startups are enhancing their work with Google's AI solutions.","url":"/products/google-cloud/gen-ai-business-use-cases/"},{"published_node":"<time class=\"uni-timesince\" datetime=\"2024-12-18 18:00:00+00:00\">Dec 2024</time>","page_id":77294,"category":"article","go_live_date_time":"2024-12-18|18:00","word_count":702,"secondary_tags":"Developers,AI","content_category":"Announcement","hero":"https://storage.googleapis.com/gweb-uniblog-publish-prod/images/OHS_for_Developers_v2.max-300x300.png","short_body":null,"full_url":"https://blog.google/technology/health/open-health-stack-developers/","days_since_published":19,"eyebrow":"<time class=\"uni-timesince\" datetime=\"2024-12-18 18:00:00+00:00\" aria-label=\"December 2024\">Dec 2024</time> / Health","main_hero_image":null,"tag_name":"Health","content_type":"article page","sitespace_render":"","tags":"developers,health,ai","tag":"health","sitespace":"","author":"Richa Tiwari","author_list":[{"display_name":"Richa Tiwari","assigned_job_title":"Program Manager, Open Health Stack","image_renditions":null,"author_page":null}],"published":"2024-12-18T18:00:00Z","slug":"open-health-stack-developers","published_readable_date":"Dec 2024","analytics_properties":{"has_carousel":"no","has_image":"yes","has_audio":"no","has_video":"yes","hero_media_type":"image"},"body_text":null,"tag_eyebrow":"https://blog.google/technology/health/","headline":"5 ways Open Health Stack is helping developers address healthcare gap

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	Path Interception	2 Process Injection	2 Process Injection	OS Credential Dumping	1 Process Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	Rootkit	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	3 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	4 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	1 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Source	Detection	Scanner	Label	Link
FACTURAMAIL.html	0%	ReversingLabs

Source	Detection	Scanner	Label
https://archivofdb.online/	100%	Avira URL Cloud	malware
https://77.33.109.208.host.secureserver.net/	0%	Avira URL Cloud	safe
https://trends.withgoogle.com/year-in-search/2024/?utm_source=about.google&utm_medium=referral&a	0%	Avira URL Cloud	safe
https://m.mail.com	0%	Avira URL Cloud	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
scone-pa.clients6.google.com	142.250.184.202	true	false	high
google.com	142.250.185.78	true	false	high
archivofdb.online	108.162.193.94	true	false	unknown
77.33.109.208.host.secureserver.net	208.109.33.77	true	false	high
csp.withgoogle.com	142.250.185.241	true	false	high
plus.l.google.com	216.58.206.78	true	false	high
i.ytimg.com	172.217.16.150	true	false	high
static.doubleclick.net	216.58.212.166	true	false	high
about.google	216.239.32.29	true	false	high
bg.microsoft.map.fastly.net	199.232.214.172	true	false	high
youtube-ui.l.google.com	172.217.18.14	true	false	high
www3.l.google.com	142.250.185.206	true	false	high
play.google.com	172.217.16.206	true	false	high
googleads.g.doubleclick.net	172.217.16.130	true	false	high
ghs-svc-https-sni.ghs-ssl.googlehosted.com	142.250.186.179	true	false	high
photos-ugc.l.googleusercontent.com	172.217.16.129	true	false	high
www.google.com	172.217.18.4	true	false	high
blog.google	216.239.32.21	true	false	high
is.gd	104.25.233.53	true	false	high
googlehosted.l.googleusercontent.com	216.58.206.65	true	false	high
yt3.ggpht.com	unknown	unknown	false	high
www.blog.google	unknown	unknown	false	high
ogs.google.com	unknown	unknown	false	high
lh3.googleusercontent.com	unknown	unknown	false	high
www.youtube.com	unknown	unknown	false	high
apis.google.com	unknown	unknown	false	high

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://apis.google.com/js/googleapis.proxy.js?onload=startup	false		high
https://apis.google.com/js/client.js	false		high
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.eXGUr_3hPjA.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-g8reFxkIuQ1pTpW4rHM0-Devz-A/cb=gapi.loaded_0?le=scs	false		high
https://about.google/assets-main/css/index.min.css?cache=9ea27ca	false		high
https://s.uicdn.com/3c-cdn/mail/client/wicket/resource/static-res/---/js/external-vEr-C4070C3FC386295F261ACFC2E1F4137C.js	false		high
https://about.google/assets-main/img/glue-google-solid-logo.svg	false		high
https://www.google.com/js/th/bTS-krGMW8fDflzgOBqs4RfQ289v88xjeZzvxqf94UM.js	false		high
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1	false		high
https://archivofdb.online/	false	Avira URL Cloud: malware	unknown
https://www.google.com/gen_204?atyp=csi&ei=-F19Z6PLDqaV9u8Pra276A8&s=webhp&nt=navigate&t=fi&st=7854&fid=1&zx=1736269307364&opi=89978449	false		high
https://about.google/	false		high
https://lh3.googleusercontent.com/5mIriK_GH1r-k08AKLwXV_HZH7NeiGHeAda9B3NZrcKGiNUrKPG4ezclR3hGpsx5mMrxumLXoWNNqPx3MareCiFIIsx4BBs7dw3DLmPbgMEdR3sFLjDQ=w1440-l80-sg-rj-c0xffffff	false		high
https://s.uicdn.com/3c-cdn/mail/client/wicket/resource/static-res/---/normalize-vEr-C4993EF0FA346DF36C229DFCB913BBD3.css	false		high
https://77.33.109.208.host.secureserver.net/	false	Avira URL Cloud: safe	unknown
https://www.google.com/favicon.ico	false		high
https://about.google/favicon.ico	false		high
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.eXGUr_3hPjA.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-g8reFxkIuQ1pTpW4rHM0-Devz-A/cb=gapi.loaded_0?le=scs	false		high
https://www.google.com/gen_204?atyp=i&ct=ppm&cad=&lids=cdos,hsm,jsa,mb4ZUb,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl,YV5bee,d,csi&p1_dbs=1152647&p1_ebs=1152647&p1_ts=1152947&p1_ws=0&p1_ls=4516&p1_le=6504&sn=webhp&sp=0&ss=0&ids=sb_wiz,aa,abd,async,ifl,pHXghd,sf,sonic,spch,rtH1bd,SMquOb,uxMpU,Mlhmy,QGR0gd,aurFic,fKUV3e,OTA3Ae,OmgaI,EEDORb,PoEs9b,Pjplud,A1yn5d,YIZmRd,uY49fb,byfTOb,lsjVmc,LEikZe,kWgXee,ovKuLd,sgY6Zb,xUdipf,NwH0H,gychg,ZfAoz,yDVVkb,qafBPd,ebZ3mb,dowIGb,d5EhJe,fCxEDd,T1HOxc,zx30Y,Wo3n8,loL8vb,ms4mZb,B2qlPe&am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAACgAAAAAAQAAAAABAAAQAAAAAAEAQiCAAAgAAAAwAIAAAQDgAAAAAIAABAAwKNMARAgAgAAAAAgAIAAwgIAABAAAAAIAAAAAAAAKAAAAAAACAAAAAAAAAAAQIAAAAAAAAAAAAAAAQAA6AEAAAAAAAAABAQAAIaBAQgAAAAAAAD0AUDwAAwpLAAAAAAAAAAAAAAAAARIEMyFBBQEIAAAAAAAAAAAAAAAAACASBMXNg&k=xjs.hd.en_US.JtqAkOlSgkU.es5.O&s=1&dbs=380604&ebs=380604&ts=380904&ws=0&ls=6639&le=8121&ei=-F19Z6PLDqaV9u8Pra276A8&zx=1736269307616&opi=89978449	false		high
https://s.uicdn.com/3c-cdn/mail/client/wicket/resource/org.apache.wicket.ajax.AbstractDefaultAjaxBehavior/---/res/js/wicket-ajax-jquery-vEr-04D5389C5F00ED98AD39E57EBB5AA818.js	false		high
https://blog.google/api/v2/latest/?show_hero=true&tags=android,android-tv,calendar,chrome,chromebooks,chromecast,classroom,docs,drive,forms,gmail,google-ads,google-assistant,google-cloud,google-duo,google-earth,google-fi,google-fit,google-one,google-pay,google-play,google-shopping,google-voice,google-wifi,meet,keep,maps,messages,news,photos,pixel,pixelbook,search,sheets,sites,slides,stadia,translate,wear-os-by-google,youtube	false		high
https://about.google/assets-main/img/glue-icons.svg	false		high
https://lh3.googleusercontent.com/CMeutwvkARWLCyrjSLBqp0KSCGYBZoL7lYkoqLYS-utC81JRLRUwMvdDcNypJ_p7iSAHRTvZX7G6tVaXRNCqT6QlNbP3E9mSEvwmRhTNMV-YQdR2J4af=w1440-l90-sg-rj-c0xffffff	false		high
https://www.google.com/gen_204?atyp=i&ei=-F19Z6PLDqaV9u8Pra276A8&vet=10ahUKEwijp_SYi-SKAxWmiv0HHa3WDv0QuqMJCCU..s&bl=ooTe&s=webhp&lpl=CAUYATAEOANiBwgIEICP_FI&zx=1736269307654&opi=89978449	false		high

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://s.uicdn.com/3c-cdn/mail/client/wicket/resource/static-res/---/js/head-vEr-643ABA73EE31C7111A	FACTURAMAIL.html	false		high
https://ogs.google.com/	chromecache_394.2.dr	false		high
https://stats.g.doubleclick.net/g/collect	chromecache_355.2.dr, chromecache_278.2.dr, chromecache_389.2.dr, chromecache_237.2.dr	false		high
https://feedback.googleusercontent.com/resources/annotator.css	chromecache_364.2.dr, chromecache_379.2.dr	false		high
https://redux.js.org/tutorials/fundamentals/part-4-store#creating-a-store-with-enhancers	chromecache_396.2.dr, chromecache_326.2.dr	false		high
https://lh3.googleusercontent.com/CMeutwvkARWLCyrjSLBqp0KSCGYBZoL7lYkoqLYS-utC81JRLRUwMvdDcNypJ_p7iS	chromecache_301.2.dr	false		high
https://blog.google/outreach-initiatives/public-policy/google-remedies-proposal-dec-2024/	chromecache_330.2.dr, chromecache_324.2.dr	false		high
https://policies.google.com/privacy?utm_source=about&utm_medium=referral&utm_campaign=footer	chromecache_295.2.dr, chromecache_301.2.dr	false		high
https://apis.google.com/js/googleapis.proxy.js	chromecache_320.2.dr	false		high
http://localhost.proxy.googlers.com/inapp/	chromecache_364.2.dr, chromecache_379.2.dr	false		high
https://ai.google/responsibility/principles/#:~:text=updates%20on%20our%20ai%20principles%3A	chromecache_301.2.dr	false		high
https://stagingqual-feedback-pa-googleapis.sandbox.google.com	chromecache_379.2.dr	false		high
https://blog.google/products/chrome/	chromecache_259.2.dr, chromecache_371.2.dr	false		high
https://ogs.google.com/widget/callout	chromecache_394.2.dr	false		high
https://s.uicdn.com/3c-cdn/mail/client/wicket/resource/static-res/en/js/language-vEr-DBA7FDE658B625A	FACTURAMAIL.html	false		high
https://ampcid.google.com/v1/publisher:getClientId	chromecache_397.2.dr, chromecache_307.2.dr	false		high
https://store.google.com/?utm_source=about&utm_medium=referral&utm_campaign=footer-link	chromecache_295.2.dr, chromecache_301.2.dr	false		high
https://blog.google/products/pixel/google-pixel-screenshots-tips/	chromecache_259.2.dr, chromecache_371.2.dr	false		high
https://m.mail.com	FACTURAMAIL.html	false	Avira URL Cloud: safe	unknown
https://safety.google/?utm_source=about&utm_medium=referral&utm_campaign=footer-link	chromecache_295.2.dr, chromecache_301.2.dr	false		high
https://www.youtube.com	chromecache_256.2.dr	false		high
https://admin.youtube.com	chromecache_396.2.dr, chromecache_326.2.dr	false		high
https://pay.google.com/gp/v/widget/save	chromecache_339.2.dr	false		high
https://services.google.com/fb/submissions/cwgsignup/	chromecache_276.2.dr, chromecache_340.2.dr	false		high
https://blog.google/products/chrome/chrome-autofill/	chromecache_259.2.dr, chromecache_371.2.dr	false		high
https://store.google.com/ideas/google-pixel-phones/?utm_source=about&utm_medium=google_oo&ut	chromecache_301.2.dr	false		high
https://ogs.google.com/widget/callout?eom=1	chromecache_297.2.dr	false		high
https://redux.js.org/tutorials/fundamentals/part-4-store#middleware	chromecache_396.2.dr, chromecache_326.2.dr	false		high
https://trends.withgoogle.com/year-in-search/2024/?utm_source=about.google&utm_medium=referral&a	chromecache_301.2.dr	false	Avira URL Cloud: safe	unknown
https://www.google.com/shopping/customerreviews/optin?usegapi=1	chromecache_319.2.dr, chromecache_235.2.dr, chromecache_320.2.dr, chromecache_339.2.dr	false		high
https://asx-frontend-autopush.corp.google.co.uk/tools/feedback/	chromecache_364.2.dr, chromecache_379.2.dr	false		high
https://s.uicdn.com/3c-cdn/mail/client/wicket/resource/static-res/---/normalize-vEr-C4993EF0FA346DF3	FACTURAMAIL.html	false		high
https://stats.g.doubleclick.net/j/collect	chromecache_307.2.dr	false		high
https://developers.google.com/	chromecache_398.2.dr, chromecache_404.2.dr	false		high
https://blog.google/products/search/	chromecache_330.2.dr, chromecache_259.2.dr, chromecache_324.2.dr, chromecache_371.2.dr	false		high
https://yurt.corp.google.com	chromecache_396.2.dr, chromecache_326.2.dr	false		high
https://developers.google.com/identity/gsi/web/guides/gis-migration)	chromecache_404.2.dr	false		high
https://www.google.com/tools/feedback	chromecache_379.2.dr	false		high
https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p	chromecache_243.2.dr, chromecache_284.2.dr, chromecache_276.2.dr, chromecache_340.2.dr	false		high
https://www.youtube.com/generate_204?cpn=	chromecache_396.2.dr, chromecache_326.2.dr	false		high
https://sandbox.google.com/inapp/%	chromecache_364.2.dr, chromecache_379.2.dr	false		high
https://apis.google.com/js/api.js	chromecache_290.2.dr, chromecache_336.2.dr	false		high
https://lh3.googleusercontent.com/sbusTGfIzIf2EpK3j1EygXk_Qaq1i5WBMRKge7jsMHnU8IvJK2BR-rr7laSFVUBu3U	chromecache_301.2.dr	false		high
https://www.google.com/tools/feedback/	chromecache_364.2.dr, chromecache_379.2.dr	false		high
https://www.youtube.com/subscribe_embed?usegapi=1	chromecache_319.2.dr, chromecache_235.2.dr, chromecache_320.2.dr, chromecache_339.2.dr	false		high
https://blog.google/products/news/	chromecache_259.2.dr, chromecache_371.2.dr	false		high
https://feedback2-test.corp.google.com/tools/feedback/%	chromecache_364.2.dr, chromecache_379.2.dr	false		high
https://www.youtube.com/	chromecache_276.2.dr, chromecache_340.2.dr	false		high
https://plus.google.com	chromecache_404.2.dr, chromecache_339.2.dr	false		high
https://transparencyreport.google.com/?utm_source=about&utm_medium=referral&utm_campaign=foo	chromecache_295.2.dr, chromecache_301.2.dr	false		high
https://asx-frontend-autopush.corp.google.de/tools/feedback/	chromecache_364.2.dr, chromecache_379.2.dr	false		high
https://shopping.google.com/?nord=1?utm_source=about&utm_medium=referral&utm_campaign=footer	chromecache_295.2.dr, chromecache_301.2.dr	false		high
https://asx-frontend-autopush.corp.google.com/inapp/	chromecache_364.2.dr, chromecache_379.2.dr	false		high
https://feedback.googleusercontent.com/resources/render_frame2.html	chromecache_364.2.dr, chromecache_379.2.dr	false		high
https://grow.google/certificates/?utm_source=google&utm_medium=blog&utm_campaign=about-googl	chromecache_301.2.dr	false		high
https://sandbox.google.com/tools/feedback/%	chromecache_364.2.dr, chromecache_379.2.dr	false		high
http://tools.ietf.org/html/rfc1950	chromecache_311.2.dr, chromecache_396.2.dr, chromecache_326.2.dr, chromecache_245.2.dr	false		high
https://play.google.com/work/embedded/search?usegapi=1&usegapi=1	chromecache_319.2.dr, chromecache_235.2.dr, chromecache_320.2.dr, chromecache_339.2.dr	false		high
https://abc.xyz/investor/?utm_source=about&utm_medium=referral&utm_campaign=footer-link	chromecache_295.2.dr, chromecache_301.2.dr	false		high
https://careers.google.com/?utm_source=about&utm_medium=referral&utm_campaign=footer-link	chromecache_295.2.dr, chromecache_301.2.dr	false		high
https://blog.google/technology/ai/google-ai-news-recap-2024/	chromecache_330.2.dr, chromecache_259.2.dr, chromecache_324.2.dr, chromecache_371.2.dr	false		high
https://www.google.com/log?format=json&hasfast=true	chromecache_290.2.dr, chromecache_380.2.dr, chromecache_336.2.dr, chromecache_273.2.dr	false		high
https://blog.google/products/gmail/	chromecache_330.2.dr, chromecache_259.2.dr, chromecache_324.2.dr, chromecache_371.2.dr	false		high
https://lens.google.com	chromecache_380.2.dr, chromecache_273.2.dr	false		high
https://support.google.com/inapp/%	chromecache_364.2.dr, chromecache_379.2.dr	false		high
https://support.google.com/youtube/?p=report_playback	chromecache_396.2.dr, chromecache_326.2.dr	false		high
https://www.google.com/doodles/history/%	chromecache_276.2.dr, chromecache_340.2.dr	false		high
https://lh3.googleusercontent.com/8z6h0V4mHRbBVKOIRQwDF6Jh0AlCZxF5AMpYy8_SSCgGiuYyy7sQKNaJ_N2oPnaVYH	chromecache_301.2.dr	false		high
https://angular.dev/license	chromecache_396.2.dr, chromecache_326.2.dr	false		high
https://developers.google.com/youtube/iframe_api_reference#Events	chromecache_338.2.dr, chromecache_256.2.dr	false		high
http://youtube.com/streaming/metadata/segment/102015	chromecache_396.2.dr, chromecache_326.2.dr	false		high
https://lens.google.com/gen204	chromecache_244.2.dr, chromecache_271.2.dr	false		high
https://youtu.be/	chromecache_396.2.dr, chromecache_326.2.dr	false		high
https://www.google.com/shopping/customerreviews/badge?usegapi=1	chromecache_319.2.dr, chromecache_235.2.dr, chromecache_320.2.dr, chromecache_339.2.dr	false		high
https://blog.google/technology/health/	chromecache_330.2.dr, chromecache_324.2.dr	false		high
https://sustainability.google/?utm_source=about.google&utm_medium=referral&utm_campaign=site	chromecache_295.2.dr, chromecache_301.2.dr	false		high
https://blog.google/products/gemini/google-gemini-ai-collection-2024	chromecache_301.2.dr	false		high

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
216.239.36.21	unknown	United States	15169	GOOGLEUS	false
23.209.208.242	unknown	United States	23693	TELKOMSEL-ASN-IDPTTelekomunikasiSelularID	false
208.109.33.77	77.33.109.208.host.secureserver.net	United States	30148	SUCURI-SECUS	false
142.250.186.36	unknown	United States	15169	GOOGLEUS	false
142.250.74.214	unknown	United States	15169	GOOGLEUS	false
172.217.18.4	www.google.com	United States	15169	GOOGLEUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
142.250.185.196	unknown	United States	15169	GOOGLEUS	false
142.250.185.230	unknown	United States	15169	GOOGLEUS	false
172.217.16.150	i.ytimg.com	United States	15169	GOOGLEUS	false
142.250.185.206	www3.l.google.com	United States	15169	GOOGLEUS	false
142.250.185.129	unknown	United States	15169	GOOGLEUS	false
216.58.212.166	static.doubleclick.net	United States	15169	GOOGLEUS	false
216.58.206.34	unknown	United States	15169	GOOGLEUS	false
104.25.233.53	is.gd	United States	13335	CLOUDFLARENETUS	false
142.250.185.241	csp.withgoogle.com	United States	15169	GOOGLEUS	false
142.250.186.97	unknown	United States	15169	GOOGLEUS	false
142.250.186.179	ghs-svc-https-sni.ghs-ssl.googlehosted.com	United States	15169	GOOGLEUS	false
216.239.32.29	about.google	United States	15169	GOOGLEUS	false
172.217.16.206	play.google.com	United States	15169	GOOGLEUS	false
172.217.16.129	photos-ugc.l.googleusercontent.com	United States	15169	GOOGLEUS	false
216.239.32.21	blog.google	United States	15169	GOOGLEUS	false
216.58.206.65	googlehosted.l.googleusercontent.com	United States	15169	GOOGLEUS	false
142.250.185.130	unknown	United States	15169	GOOGLEUS	false
172.217.16.130	googleads.g.doubleclick.net	United States	15169	GOOGLEUS	false
108.162.193.94	archivofdb.online	United States	13335	CLOUDFLARENETUS	false

Private

IP
192.168.2.4
192.168.2.25

General Information

Joe Sandbox version:	41.0.0 Charoite
Analysis ID:	1585490
Start date and time:	2025-01-07 18:00:08 +01:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 6m 24s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	defaultwindowshtmlcookbook.jbs
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	9
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Sample name:	FACTURAMAIL.html
Detection:	MAL
Classification:	mal48.winHTML@34/286@92/28
EGA Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0
Cookbook Comments:	Found application associated with file extension: .html

Warnings

Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 192.229.221.95, 199.232.214.172, 172.217.18.3, 216.58.206.46, 74.125.71.84, 142.250.185.174, 142.250.186.110, 216.58.206.78, 142.250.186.42, 142.250.185.138, 172.217.18.10, 172.217.16.138, 142.250.186.106, 142.250.185.202, 142.250.185.74, 216.58.206.74, 142.250.185.170, 142.250.186.138, 142.250.184.234, 142.250.186.74, 172.217.16.202, 172.217.23.106, 142.250.185.106, 216.58.212.170, 142.250.185.238, 142.250.181.227, 142.250.185.234, 172.217.16.131, 216.58.212.138, 142.250.74.202, 142.250.184.202, 142.250.181.238, 142.250.74.195, 142.250.185.131, 172.217.18.106, 216.58.206.42, 142.250.186.170, 142.250.181.234, 142.250.184.195, 142.250.185.227, 142.250.186.40, 142.250.186.123, 142.250.185.219, 142.250.185.91, 142.250.184.219, 142.250.184.251, 142.250.186.187, 142.250.185.187, 142.250.186.155, 142.250.181.251, 172.217.18.27, 142.250.185.155, 172.217.16.219, 142.250.185.123, 216.58.206.59, 142.250.185.251, 142.250.186.59, 142.250.184.227, 142.250.185.142, 142.250.186.91,
Excluded domains from analysis (whitelisted): ssl.gstatic.com, storage.googleapis.com, slscr.update.microsoft.com, clientservices.googleapis.com, js.ui-portal.de, s.uicdn.com, clients2.google.com, ocsp.digicert.com, redirector.gvt1.com, www.googletagmanager.com, update.googleapis.com, www.gstatic.com, wu-b-net.trafficmanager.net, optimizationguide-pa.googleapis.com, www.google-analytics.com, clients1.google.com, www.bing.com, fonts.googleapis.com, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, otelrules.azureedge.net, ctldl.windowsupdate.com.delivery.microsoft.com, fonts.gstatic.com, ajax.googleapis.com, ctldl.windowsupdate.com, ogads-pa.googleapis.com, jnn-pa.googleapis.com, fe3cr.delivery.mp.microsoft.com, edgedl.me.gvt1.com, umwatson.events.data.microsoft.com, clients.l.google.com
HTTPS sessions have been limited to 150. Please view the PCAPs for the complete data.
Not all processes where analyzed, report is missing behavior information
Report size exceeded maximum capacity and may have missing network information.
Report size getting too big, too many NtSetInformationFile calls found.
Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
VT rate limit hit for: FACTURAMAIL.html

Input	Output
URL: https://about.google Model: Joe Sandbox AI	{ "typosquatting": false, "unusual_query_string": false, "suspicious_tld": false, "ip_in_url": false, "long_subdomain": false, "malicious_keywords": false, "encoded_characters": false, "redirection": false, "contains_email_address": false, "known_domain": true, "brand_spoofing_attempt": false, "third_party_hosting": false }
URL: https://about.google
URL: https://www.gstatic.com/_/mss/boq-one-google/_/js/... Model: Joe Sandbox AI	{ "risk_score": 3, "reasoning": "The provided JavaScript snippet appears to be a part of a larger library or framework, and it does not contain any high-risk indicators. It includes some moderate-risk behaviors, such as external data transmission and aggressive DOM manipulation, but these are likely part of the normal functionality of the library. Additionally, the code contains several copyright notices and license identifiers, suggesting it is part of a legitimate project. Overall, the risk score is on the lower end, indicating a relatively benign script with some potentially aggressive but not inherently malicious behaviors." }
"use strict";this.default_OneGoogleWidgetUi=this.default_OneGoogleWidgetUi\|\|{};(function(_){var window=this; try{ _._F_toggles_initialize=function(a){(typeof globalThis!=="undefined"?globalThis:typeof self!=="undefined"?self:this)._F_toggles=a\|\|[]};(0,_._F_toggles_initialize)([0x380c1880, 0x36, ]); /* Copyright The Closure Library Authors. SPDX-License-Identifier: Apache-2.0 / / Copyright Google LLC SPDX-License-Identifier: Apache-2.0 / / SPDX-License-Identifier: Apache-2.0 / / Copyright 2024 Google, Inc SPDX-License-Identifier: MIT */ var ia,aaa,Ha,baa,Ka,cb,sb,eaa,Mb,Rb,Sb,Tb,Ub,Vb,Wb,Xb,$b,faa,gaa,bc,dc,lc,pc,haa,xc,Ac,Bc,Gc,Pc,Qc,Mc,Nc,Vc,Yc,ed,fd,Zc,jd,md,naa,Cd,Dd,Ed,paa,Kd,qaa,Od,raa,saa,taa,Ud,uaa,be,Je,Ve,Te,We,y,hf,pf,sf,Df,zaa,Aaa,Baa,Caa,If,Mf,Eaa,Faa,Gaa,Haa,Iaa,Jaa,lg,Kaa,Laa,Maa,Jg,Raa,Paa,Xg,Vaa,bh,eh,Xaa,Yaa,gh,vh,bba,cba,Ah,dba,Mh,fba,Qh,gba,hba,ci,di,ei,iba,jba,hi,lba,mba,ki,li,rba,tba,uba,pi,wba,xba,yba,zba,Aba,Cba,Dba,Eba,Gba,Hba,aa,Gi,Hi,Iba,Ji,Lba,Ui,Mba,Nba,cj,dj,Oba; _.ba=function(a){return function(){return aa[a].apply(this,arguments)}};_.ca=function(a,b){return aa[a]=b};_.ea=function(a){_.da.setTimeout(function(){throw a;},0)};_.fa=function(a){a&&typeof a.dispose=="function"&&a.dispose()};ia=function(a){for(var b=0,c=arguments.length;b<c;++b){var d=arguments[b];_.ha(d)?ia.apply(null,d):_.fa(d)}}; _.ja=function(a,b){if(Error.captureStackTrace)Error.captureStackTrace(this,_.ja);else{var c=Error().stack;c&&(this.stack=c)}a&&(this.message=String(a));b!==void 0&&(this.cause=b);this.j=!0};_.ka=function(a){return a[a.length-1]};_.ma=function(a,b,c){for(var d=typeof a==="string"?a.split(""):a,e=a.length-1;e>=0;--e)e in d&&b.call(c,d[e],e,a)};_.pa=function(a,b,c){b=_.oa(a,b,c);return b<0?null:typeof a==="string"?a.charAt(b):a[b]}; _.oa=function(a,b,c){for(var d=a.length,e=typeof a==="string"?a.split(""):a,f=0;f<d;f++)if(f in e&&b.call(c,e[f],f,a))return f;return-1};_.ra=function(a,b){return(0,_.qa)(a,b)>=0};_.sa=function(a,b){_.ra(a,b)\|\|a.push(b)};_.ua=function(a,b){b=(0,_.qa)(a,b);var c;(c=b>=0)&&_.ta(a,b);return c};_.ta=function(a,b){return Array.prototype.splice.call(a,b,1).length==1};_.va=function(a){return Array.prototype.concat.apply([],arguments)}; _.wa=function(a){var b=a.length;if(b>0){for(var c=Array(b),d=0;d<b;d++)c[d]=a[d];return c}return[]};_.xa=function(a,b){for(var c=1;c<arguments.length;c++){var d=arguments[c];if(_.ha(d)){var e=a.length\|\|0,f=d.length\|\|0;a.length=e+f;for(var g=0;g<f;g++)a[e+g]=d[g]}else a.push(d)}};_.ya=function(a,b,c){return arguments.length<=2?Array.prototype.slice.call(a,b):Array.prototype.slice.call(a,b,c)}; _.Ca=function(a,b){b=b\|\|a;for(var c=0,d=0,e={};d<a.length;){var f=a[d++],g=_.za(f)?"o"+_.Ba(f):(typeof f).charAt(0)+f;Object.prototype.hasOwnProperty.call(e,g)\|\|(e[g]=!0,b[c++]=f)}b.length=c};_.Da=function(a,b){if(!_.ha(a)\|\|!_.ha(b)\|\|a.length!=b.length)return!1;for(var c=a.length,d=aaa,e=0;e<c;e++)if(!d(a[e],b[e]))return!1;return!0};_.Ea=function(a,b){return a>b?1:a<b?-1:0};aaa=function(a,b){return a===b};_.Ga=function(a,b){var c={};(0,_.Fa)(a,function(d,e){c[b.call(void 0,d,e,a)]=d});return c}; Ha=function(a){return{valueOf:a}.valueOf()};baa=function(){var a=null;if(!Ia)return a;try{var b=function(c){return c};a=Ia.createPolicy("OneGoogleWidgetUi#html",{createHTML:b,createScript:b,createScriptURL:b})}catch(c){}return a};Ka=function(){Ja===void 0&&(Ja=baa());return Ja};_.Na=function(a){var b=Ka();return new _.La(_.Ma,b?b.createHTML(a):a)};_.Oa=function(a){return a instanceof _.La};_.Pa=function(a){if(_.Oa(a))return a.j;throw Error("B");}; _.Ra=function(a){return"function"==typeof _.Qa&&a instanceof _.Qa};_.Sa=function(a){if(_.Ra(a))return a.j;throw Error("B");};_.Ua=function(a){var b=Ka();return new _.Ta(_.Ma,b?b.createScriptURL(a):a)};_.Va=function(a){return a instanceof _.Ta};_.Xa=function(a){if(_.Va(a))return a.j;throw Error("B");};_.Za=function(a){return new _.Ya(_.Ma,a)};_.$a=function(a){return a instanceof _.Ya};_.ab=function(a){if(_.$a(a))return a.j;t
URL: https://www.gstatic.com/external_hosted/lottie_pla... Model: Joe Sandbox AI	{ "risk_score": 1, "reasoning": "The provided JavaScript snippet appears to be a legitimate and benign library for rendering Lottie animations. It does not exhibit any high-risk behaviors, such as dynamic code execution, data exfiltration, or redirects to suspicious domains. The script is licensed under the MIT license and is likely used for legitimate purposes. While it uses some legacy APIs like `XDomainRequest`, these pose only minor risks and are not inherently malicious. Overall, this script can be considered low risk." }
//third_party/javascript/lottie_player/lottie_player.js /** * @license * MIT License * * Copyright (c) 2019 LottieFiles.com * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE * SOFTWARE. * */ parcelRequire=function(e,r,t,n){var i,o="function"==typeof parcelRequire&&parcelRequire,u="function"==typeof require&&require;function f(t,n){if(!r[t]){if(!e[t]){var i="function"==typeof parcelRequire&&parcelRequire;if(!n&&i)return i(t,!0);if(o)return o(t,!0);if(u&&"string"==typeof t)return u(t);var c=new Error("Cannot find module '"+t+"'");throw c.code="MODULE_NOT_FOUND",c}p.resolve=function(r){return e[t][1][r]\|\|r},p.cache={};var l=r[t]=new f.Module(t);e[t][0].call(l.exports,p,l,l.exports,this)}return r[t].exports;function p(e){return f(p.resolve(e))}}f.isParcelRequire=!0,f.Module=function(e){this.id=e,this.bundle=f,this.exports={}},f.modules=e,f.cache=r,f.parent=o,f.register=function(r,t){e[r]=[function(e,r){r.exports=t},{}]};for(var c=0;c<t.length;c++)try{f(t[c])}catch(e){i\|\|(i=e)}if(t.length){var l=f(t[t.length-1]);"object"==typeof exports&&"undefined"!=typeof module?module.exports=l:"function"==typeof define&&define.amd?define(function(){return l}):n&&(this[n]=l)}if(parcelRequire=f,i)throw i;return f}({"ytxR":[function(require,module,exports) { "use strict";Object.defineProperty(exports,"__esModule",{value:!0}),exports.removeNodes=exports.reparentNodes=exports.isCEPolyfill=void 0;const e="undefined"!=typeof window&&null!=window.customElements&&void 0!==window.customElements.polyfillWrapFlushCallback;exports.isCEPolyfill=e;const o=(e,o,l=null,s=null)=>{for(;o!==l;){const l=o.nextSibling;e.insertBefore(o,s),o=l}};exports.reparentNodes=o;const l=(e,o,l=null)=>{for(;o!==l;){const l=o.nextSibling;e.removeChild(o),o=l}};exports.removeNodes=l; },{}],"Av0K":[function(require,module,exports) { "use strict";Object.defineProperty(exports,"__esModule",{value:!0}),exports.lastAttributeNameRegex=exports.createMarker=exports.isTemplatePartActive=exports.Template=exports.boundAttributeSuffix=exports.markerRegex=exports.nodeMarker=exports.marker=void 0;const e=`{{lit-${String(Math.random()).slice(2)}}}`;exports.marker=e;const t=`\x3c!--${e}--\x3e`;exports.nodeMarker=t;const r=new RegExp(`${e}\|${t}`);exports.markerRegex=r;const s="$lit$";exports.boundAttributeSuffix=s;class o{constructor(t,o){this.parts=[],this.element=o;const i=[],l=[],p=document.createTreeWalker(o.content,133,null,!1);let c=0,d=-1,u=0;const{strings:f,values:{length:h}}=t;for(;u<h;){const t=p.nextNode();if(null!==t){if(d++,1===t.nodeType){if(t.hasAttributes()){const e=t.attributes,{length:o}=e;let i=0;for(let t=0;t<o;t++)n(e[t].name,s)&&i++;for(;i-- >0;){const e=f[u],o=x.exec(e)[2],n=o.toLowerCase()+s,i=t.getAttribute(n);t.removeAttribute(n);const a=i.split(r);this.parts.push({type:"attribute",index:d,name:o,strings:a}),u+=a.length-1}}"TEMPLATE"===t.tagName&&(l.push(t),p.currentNode=t.content)}else if(3===t.nodeType){const o=t.data;if(o.indexOf(e)>=0){const e=t.parentNode,l=o.split
URL: https://www.gstatic.com/external_hosted/picturefil... Model: Joe Sandbox AI	{ "risk_score": 1, "reasoning": "The provided JavaScript snippet appears to be a legitimate and benign library for responsive image handling, known as Picturefill. It does not exhibit any high-risk behaviors, such as dynamic code execution, data exfiltration, or redirects to suspicious domains. The script is well-documented, open-source, and widely used in the web development community. While it uses some legacy APIs like `XDomainRequest`, these pose only minor risks and are not inherently malicious. Overall, this script is likely safe and does not raise significant security concerns." }
/** * @license * Copyright 2016 Picturefill. * picturefill - v3.0.2 - 2016-02-12 * https://scottjehl.github.io/picturefill/ * Copyright (c) 2016 https://github.com/scottjehl/picturefill/blob/3.0.2/Authors.txt * * The MIT License (MIT) * * Copyright (c) 2014 Filament Group * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: * * The above copyright notice and this permission notice shall be included in all * copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE * SOFTWARE. / !function(a){var b=navigator.userAgent;a.HTMLPictureElement&&/ecko/.test(b)&&b.match(/rv\:(\d+)/)&&RegExp.$1<45&&addEventListener("resize",function(){var b,c=document.createElement("source"),d=function(a){var b,d,e=a.parentNode;"PICTURE"===e.nodeName.toUpperCase()?(b=c.cloneNode(),e.insertBefore(b,e.firstElementChild),setTimeout(function(){e.removeChild(b)})):(!a._pfLastSize\|\|a.offsetWidth>a._pfLastSize)&&(a._pfLastSize=a.offsetWidth,d=a.sizes,a.sizes+=",100vw",setTimeout(function(){a.sizes=d}))},e=function(){var a,b=document.querySelectorAll("picture > img, img[srcset][sizes]");for(a=0;a<b.length;a++)d(b[a])},f=function(){clearTimeout(b),b=setTimeout(e,99)},g=a.matchMedia&&matchMedia("(orientation: landscape)"),h=function(){f(),g&&g.addListener&&g.addListener(f)};return c.srcset="data:image/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==",/^[c\|i]\|d$/.test(document.readyState\|\|"")?h():document.addEventListener("DOMContentLoaded",h),f}())}(window),function(a,b,c){"use strict";function d(a){return" "===a\|\|" "===a\|\|"\n"===a\|\|"\f"===a\|\|"\r"===a}function e(b,c){var d=new a.Image;return d.onerror=function(){A[b]=!1,ba()},d.onload=function(){A[b]=1===d.width,ba()},d.src=c,"pending"}function f(){M=!1,P=a.devicePixelRatio,N={},O={},s.DPR=P\|\|1,Q.width=Math.max(a.innerWidth\|\|0,z.clientWidth),Q.height=Math.max(a.innerHeight\|\|0,z.clientHeight),Q.vw=Q.width/100,Q.vh=Q.height/100,r=[Q.height,Q.width,P].join("-"),Q.em=s.getEmValue(),Q.rem=Q.em}function g(a,b,c,d){var e,f,g,h;return"saveData"===B.algorithm?a>2.7?h=c+1:(f=b-c,e=Math.pow(a-.6,1.5),g=fe,d&&(g+=.1e),h=a+g):h=c>1?Math.sqrt(ab):a,h>c}function h(a){var b,c=s.getSet(a),d=!1;"pending"!==c&&(d=r,c&&(b=s.setRes(c),s.applySetCandidate(b,a))),a[s.ns].evaled=d}function i(a,b){return a.res-b.res}function j(a,b,c){var d;return!c&&b&&(c=a[s.ns].sets,c=c&&c[c.length-1]),d=k(b,c),d&&(b=s.makeUrl(b),a[s.ns].curSrc=b,a[s.ns].curCan=d,d.res\|\|aa(d,d.set.sizes)),d}function k(a,b){var c,d,e;if(a&&b)for(e=s.parseSet(b),a=s.makeUrl(a),c=0;c<e.length;c++)if(a===s.makeUrl(e[c].url)){d=e[c];break}return d}function l(a,b){var c,d,e,f,g=a.getElementsByTagName("source");for(c=0,d=g.length;d>c;c++)e=g[c],e[s.ns]=!0,f=e.getAttribute("srcset"),f&&b.push({srcset:f,media:e.getAttribute("media"),type:e.getAttribute("type"),sizes:e.getAttribute("sizes")})}function m(a,b){function c(b){var c,d=b.exec(a.substring(m));return d?(c=d[0],m+=c.length,c):void 0}function e(){var a,c,d,e,f,i,j,k,l,m=!1,o={};for(e=0;e<h.length;e++)f=h[e],i=f[f.length-1],j=f.substring(0,f.length-1),k=parseInt(j,10),l=parseFloat(j),X.test(j)&&"w"===i?((a\|\|c)&&(m=!0),0===k?m=!0:a=k):Y.test(j)&&"x
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sende... Model: Joe Sandbox AI	{ "risk_score": 3, "reasoning": "The provided JavaScript snippet appears to be a legitimate script that loads the Google Cast SDK for Chrome. It checks the user's browser version, loads the necessary scripts from trusted Google domains, and handles the availability of the Cast API. While it uses some legacy practices like `XDomainRequest`, the overall behavior is consistent with its intended purpose and does not exhibit any high-risk indicators." }
(function(){/* Copyright The Closure Library Authors. SPDX-License-Identifier: Apache-2.0 */ 'use strict';var l=function(){var a=h,b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}},m=this\|\|self,n=/^[\w+/_-]+[=]{0,2}$/,p=null,q=function(a){return(a=a.querySelector&&a.querySelector("script[nonce]"))&&(a=a.nonce\|\|a.getAttribute("nonce"))&&n.test(a)?a:""},r=function(a,b){function e(){}e.prototype=b.prototype;a.i=b.prototype;a.prototype=new e;a.prototype.constructor=a;a.h=function(c,g,k){for(var f=Array(arguments.length-2),d=2;d<arguments.length;d++)f[d-2]=arguments[d]; return b.prototype[g].apply(c,f)}},t=function(a){return a};function u(a){if(Error.captureStackTrace)Error.captureStackTrace(this,u);else{var b=Error().stack;b&&(this.stack=b)}a&&(this.message=String(a))}r(u,Error);u.prototype.name="CustomError";var v=function(a,b){a=a.split("%s");for(var e="",c=a.length-1,g=0;g<c;g++)e+=a[g]+(g<b.length?b[g]:"%s");u.call(this,e+a[c])};r(v,u);v.prototype.name="AssertionError";var w=function(a,b){throw new v("Failure"+(a?": "+a:""),Array.prototype.slice.call(arguments,1));};var x;var A=function(a,b){this.g=b===z?a:""};A.prototype.toString=function(){return this.g+""};var z={};var B=function(){var a=window.navigator.userAgent.match(/Chrome\/([0-9]+)/);return a?parseInt(a[1],10):0},C=function(a){return!!document.currentScript&&(-1!=document.currentScript.src.indexOf("?"+a)\|\|-1!=document.currentScript.src.indexOf("&"+a))},D=function(){return"function"==typeof window.__onGCastApiAvailable?window.__onGCastApiAvailable:null},F=function(a){a.length?E(a.shift(),function(){F(a)}):G()},H=function(a){return"chrome-extension://"+a+"/cast_sender.js"},E=function(a,b,e){var c=document.createElement("script"); c.onerror=b;e&&(c.onload=e);if(void 0===x)if(b=null,(e=m.trustedTypes)&&e.createPolicy){try{b=e.createPolicy("goog#html",{createHTML:t,createScript:t,createScriptURL:t})}catch(y){m.console&&m.console.error(y.message)}x=b}else x=b;a=(b=x)?b.createScriptURL(a):a;a=new A(a,z);a:{try{var g=c&&c.ownerDocument,k=g&&(g.defaultView\|\|g.parentWindow);k=k\|\|m;if(k.Element&&k.Location){var f=k;break a}}catch(y){}f=null}if(f&&"undefined"!=typeof f.HTMLScriptElement&&(!c\|\|!(c instanceof f.HTMLScriptElement)&&(c instanceof f.Location\|\|c instanceof f.Element))){f=typeof c;if("object"==f&&null!=c\|\|"function"==f)try{var d=c.constructor.displayName\|\|c.constructor.name\|\|Object.prototype.toString.call(c)}catch(y){d="<object could not be stringified>"}else d=void 0===c?"undefined":null===c?"null":typeof c;w("Argument is not a %s (or a non-Element, non-Location mock); got: %s","HTMLScriptElement",d)}a instanceof A&&a.constructor===A?d=a.g:(d=typeof a,w("expected object of type TrustedResourceUrl, got '"+a+"' of type "+("object"!= d?d:a?Array.isArray(a)?"array":d:"null")),d="type_error:TrustedResourceUrl");c.src=d;(d=c.ownerDocument&&c.ownerDocument.defaultView)&&d!=m?d=q(d.document):(null===p&&(p=q(m.document)),d=p);d&&c.setAttribute("nonce",d);(document.head\|\|document.documentElement).appendChild(c)},I=function(){var a=B(),b=[];if(1<a){var e=a-1;b.push("//www.gstatic.com/eureka/clank/"+a+"/cast_sender.js");b.push("//www.gstatic.com/eureka/clank/"+e+"/cast_sender.js")}return b},G=function(){var a=D();a&&a(!1,"No cast extension found")}, K=function(){if(J){var a=2,b=D(),e=function(){a--;0==a&&b&&b(!0)};window.__onGCastApiAvailable=e;E("//www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js",G,e)}},J=C("loadCastFramework")\|\|C("loadCastApplicationFramework"),L=["pkedcjkdefgpdelpbcmbmeomcjbeemfm","enhhojjnijigcajfphajepfemndkmdlo"];if(0<=window.navigator.userAgent.indexOf("Android")&&0<=window.navigator.userAgent.indexOf("Chrome/")&&window.navigator.presentation){if(60<=B()){K();var M=I();M.push("//www.gstatic.com/eureka/clank/cast_sender.js");F(M)}}else if(!window.chrome\|\|!window.navigator.presentation\|\|0<=window.navigator.userAgent.indexOf("Edge"))G();else if(89<=B()){K();var N=I(),O=N.push,P=O.apply,h=L.map(H),Q;if(h instanceof Array)Q=h;e
URL: https://www.gstatic.com/_/mss/boq-one-google/_/js/... Model: Joe Sandbox AI	{ "risk_score": 6, "reasoning": "The script demonstrates some moderate-risk behaviors, such as external data transmission and the use of fallback domains. However, it also includes some legitimate context, such as analytics/telemetry functionality. Overall, the script requires further review due to its unclear or potentially aggressive behavior." } The key points that contribute to the risk score of 6 (Medium Risk) are: 1. External Data Transmission (+2 points): The script sends user data to external domains via XHR or fetch requests. 2. Fallback Domains (+2 points): The script uses multiple fallback domains, which could potentially include untrusted domains. 3. Legitimate Analytics/Telemetry Context (-2 points): The script's intent appears to be related to analytics or telemetry functionality, which reduces the risk score. The script does not exhibit any high-risk indicators, such as dynamic code execution or obvious data exfiltration. However, the external data transmission and use of fallback domains warrant further investigation to ensure the script's behavior is consistent with its apparent purpose.
"use strict";this.default_OneGoogleWidgetUi=this.default_OneGoogleWidgetUi\|\|{};(function(_){var window=this; try{ _.n("P6sQOc"); var Zqa=!!(_.nj[0]>>24&1);var $qa=function(a,b,c,d,e){this.o=a;this.N=b;this.v=c;this.O=d;this.T=e;this.j=0;this.l=Z0(this)},ara=function(a){var b={};_.Fa(a.Cs(),function(e){b[e]=!0});var c=a.us(),d=a.ws();return new $qa(a.vs(),c.j()1E3,a.ms(),d.j()1E3,b)},Z0=function(a){return Math.random()Math.min(a.NMath.pow(a.v,a.j),a.O)},$0=function(a,b){return a.j>=a.o?!1:b!=null?!!a.T[b]:!0};var a1=function(){this.j=_.VA(_.W0);this.o=_.VA(_.U0);var a=_.VA(_.AZ);this.fetch=a.fetch.bind(a)};a1.prototype.l=function(a,b){if(this.o.getType(a.Ab())!==1)return _.Xp(a);var c=this.j.Ct;(c=c?ara(c):null)&&$0(c)?(b=b1(this,a,b,c),a=new _.Wp(a,b,2)):a=_.Xp(a);return a}; var b1=function(a,b,c,d){return c.then(function(e){return e},function(e){if(Zqa)if(e instanceof _.ag){if(!e.status\|\|!$0(d,_.jm(e.status,1)))throw e;}else{if("function"==typeof _.nw&&e instanceof _.nw&&e.l!==103&&e.l!==7)throw e;}else if(!e.status\|\|!$0(d,_.jm(e.status,1)))throw e;return _.Sf(d.l).then(function(){if(!$0(d))throw Error("Jd`"+d.o);++d.j;d.l=Z0(d);b=_.ao(b,_.Wn,d.j);return b1(a,b,a.fetch(b),d)})})};_.$A(a1,_.Y0); _.p(); }catch(e){_._DumpException(e)} }).call(this,this.default_OneGoogleWidgetUi); // Google Inc.
URL: https://www.gstatic.com/_/mss/boq-one-google/_/js/... Model: Joe Sandbox AI	{ "risk_score": 3, "reasoning": "The provided JavaScript snippet appears to be a part of a Google widget implementation. It does not contain any high-risk indicators, such as dynamic code execution, data exfiltration, or redirects to malicious domains. The script primarily handles analytics and telemetry functionality, which is a common and legitimate use case. While it uses some legacy practices, such as the `XDomainRequest` API, the overall behavior is benign and does not raise significant security concerns." }
"use strict";this.default_OneGoogleWidgetUi=this.default_OneGoogleWidgetUi\|\|{};(function(_){var window=this; try{ _.n("Wt6vjf"); var uA=function(a){this.ua=_.x(a,0,uA.rb)};_.D(uA,_.B);uA.prototype.Xa=function(){return _.em(this,1)};uA.prototype.qc=function(a){_.tm(this,1,a)};uA.rb="f.bo";var vA=function(){_.tp.call(this)};_.D(vA,_.tp);vA.prototype.qb=function(){this.Ts=!1;wA(this);_.tp.prototype.qb.call(this)};vA.prototype.j=function(){xA(this);if(this.ql)return yA(this),!1;if(!this.ju)return zA(this),!0;this.dispatchEvent("p");if(!this.Vq)return zA(this),!0;this.Gp?(this.dispatchEvent("r"),zA(this)):yA(this);return!1}; var AA=function(a){var b=new _.Yu(a.Uz);a.Kr!=null&&b.l.set("authuser",a.Kr);return b},yA=function(a){a.ql=!0;var b=AA(a),c="rt=r&f_uid="+_.Gm(a.Vq);_.$q(b,(0,_.yi)(a.l,a),"POST",c)}; vA.prototype.l=function(a){a=a.target;xA(this);if(_.fr(a)){this.Do=0;if(this.Gp)this.ql=!1,this.dispatchEvent("r");else if(this.ju)this.dispatchEvent("s");else{try{var b=_.Wu(a),c=JSON.parse(b.substring(b.indexOf("\n")));var d=(new uA(c[0])).Xa()}catch(e){_.Lg(e);this.dispatchEvent("t");BA(this);return}this.ql=!1;d?this.dispatchEvent("q"):this.dispatchEvent("r")}zA(this)}else{if(_.gr(a)!=0){d="";try{d=_.Wu(a)}catch(e){}a=Error("tc`"+_.gr(a)+"`"+AA(this).toString()+"`"+String(a.ha)+"`"+d);_.Lg(a); this.dispatchEvent("t")}BA(this)}};var xA=function(a){var b=_.tA.get(window.location.protocol=="https:"?"SAPISID":"APISID","");a.Gp=a.Co!==""&&b==="";a.ju=a.Co!=b;a.Co=b},BA=function(a){a.Gp\|\|(a.ql=!0,a.Do=Math.min((a.Do\|\|3)2,60),zA(a))},zA=function(a){if(a.Ts\|\|a.ql)wA(a),a.yq=window.setTimeout((0,_.yi)(a.j,a),Math.max(3,a.Do)1E3)},wA=function(a){a.yq&&(window.clearTimeout(a.yq),a.yq=0)};_.h=vA.prototype;_.h.Do=0;_.h.yq=0;_.h.Co=null;_.h.Gp=!1;_.h.ju=!1;_.h.Kr=null;_.h.Uz="/_/idv/";_.h.Vq=""; _.h.Ts=!1;_.h.ql=!1;_.$e(_.Tp,vA);_.vb().qd(function(a){var b=new vA;_.gu(a,_.Tp,b);if(_.Vu()){a=_.Vu();var c=_.Se("WZsZ1e").string(null);b.Vq=a;c!==void 0&&(b.Co=c);a=_.Xu();_.kl(a,"/")\|\|(a="/"+a);b.Uz=a+"/idv/";(a=_.Fm())&&_.Se("gGcLoe").l(!1)&&(b.Kr=a);b.Ts=!0;b.j()}}); _.p(); _.n("hhhU8"); var WI;new _.qk(function(a){WI=a});_.RE();_.ig(function(){WI()}); _.p(); _.n("FCpbqb"); _.vb().qd(function(a){_.Cg(_.bu,a)}); _.p(); _.n("WhJNk"); var zI=new Date(1262304E6),AI=new Date(12779424E5),Gja=new Date(129384E7),BI=function(a,b){b?a.push(Math.round((b-zI.getTime())/6E4)):a.push(null)},CI=function(a,b,c){a.push(b.getTimezoneOffset()/15+56);a:{var d=b.getTimezoneOffset();var e=c.getTimezoneOffset();if(d!=e)for(b=b.getTime()/6E4,c=c.getTime()/6E4;b<=c;){var f=(b>>1)+(c>>1),g=f*6E4,k=(new Date(g+3E4)).getTimezoneOffset();if((new Date(g-3E4)).getTimezoneOffset()!=k){d=g;break a}if(k==d)b=f+1;else if(k==e)c=f-1;else break}d=null}BI(a,d)};var DI=function(a){_.zr.call(this);this.j=a.service.window;var b=b===void 0?!1:b;if(!_.Rf(_.Se("xn5OId"),!1)&&_.tA.isEnabled()&&(_.tA.get("OTZ")===void 0\|\|b)){a=_.tA.set;b=[];var c=new Date;BI(b,c.getTime());b.push(c.getTimezoneOffset()/15+56);CI(b,zI,AI);CI(b,AI,Gja);a.call(_.tA,"OTZ",b.join("_"),{ft:2592E3,path:"/",domain:void 0,UL:this.j.get().location.protocol==="https:"})}};_.D(DI,_.N);DI.W=function(){return{service:{window:_.jB}}};_.ZA(_.bu,DI); _.p(); }catch(e){_._DumpException(e)} }).call(this,this.default_OneGoogleWidgetUi); // Google Inc.
URL: https://www.gstatic.com/_/mss/boq-one-google/_/js/... Model: Joe Sandbox AI	```json { "risk_score": 3, "reasoning": "The script contains obfuscated code and uses aggressive DOM manipulation techniques, but there are no clear indicators of malicious intent such as data exfiltration or dynamic code execution. The script appears to be part of a UI component, likely for styling or widget functionality, which aligns with legitimate use cases." }
"use strict";_F_installCss(":root{--boq-chrometransition-background:#eee;--boq-chrometransition-active-background-opacity:0.8}.KL4X6e{background:var(--boq-chrometransition-background);bottom:0;left:0;opacity:0;position:absolute;right:0;top:0}.TuA45b{opacity:var(--boq-chrometransition-active-background-opacity)}sentinel{}"); this.default_OneGoogleWidgetUi=this.default_OneGoogleWidgetUi\|\|{};(function(_){var window=this; try{ _.CA=function(a,b){if(typeof b!=="number"\|\|b<0\|\|b>a.length)throw Error();};_.DA=function(a,b,c,d,e,f,g){var k=(0,_.Yd)(a.ua);_.Hc(k);a=_.ve(a,k,c,b,2,f,!0);g?_.CA(a,e):d=d!=null?d:new c;e!=void 0?a.splice(e,g,d):a.push(d);_.sc(d.ua)?(0,_.Ql)(a,8):(0,_.Ql)(a,16)};_.FA=function(a){if(a instanceof _.EA)return a.j;throw Error("B");};_.GA=function(a){return new _.EA(_.Ma,a[0].toLowerCase())}; _.HA=function(a,b,c,d){if(a.length===0)throw Error("B");a=a.map(function(f){return _.FA(f)});var e=c.toLowerCase();if(a.every(function(f){return e.indexOf(f)!==0}))throw Error("ma`"+c);b.setAttribute(c,d)};_.Jt.prototype.hc=_.ca(28,function(){return this.j.length==0?null:new _.G(this.j[0])});_.G.prototype.hc=_.ca(27,function(){return this});_.Jt.prototype.Ja=_.ca(26,function(){return this.j.length?this.j[0]:null});_.G.prototype.Ja=_.ca(25,function(){return this.j[0]}); _.IA=function(a){var b=_.Qm(a);b===null&&_.Om(a);return b};_.JA=function(a,b,c){if(!b&&!c)return null;var d=b?String(b).toUpperCase():null;return _.Ih(a,function(e){return(!d\|\|e.nodeName==d)&&(!c\|\|typeof e.className==="string"&&_.ra(e.className.split(/\s+/),c))},!0)};_.KA=function(a){return a.j.slice()};_.EA=function(a,b){this.j=b};_.EA.prototype.toString=function(){return this.j};_.LA=function(a){return a instanceof _.G?a:new _.G(_.Pt(a))};_.N=function(){_.zr.call(this)};_.D(_.N,_.zr);_.N.W=function(){return{}};_.N.prototype.fe=function(a){_.Ar(this,a)};_.N[_.ug]=function(){return!0};var fha=function(a,b){var c=_.Fb(b).map(function(d){return _.rg(d)}).filter(function(d){return d instanceof _.Xe});_.io(_.qg.Sa(),c);return _.Db(b,function(d){return _.Bg(d,a.Wd())})};_.df({service:function(a,b){return fha(a,b)}},!0); var hha,kha,lha,OA,gha,jha,iha;_.MA=function(a,b){a=_.nb(a);return _.Na(b.map(function(c){return _.Pa(_.nb(c))}).join(_.Pa(a).toString()))};_.NA=function(a){return _.MA("",a)};hha=function(a){if(!OA.test(a))throw Error("B");if(gha.indexOf(a.toUpperCase())!==-1)throw Error("B");}; _.PA=function(a){for(var b="",c=Object.keys(a),d=0;d<c.length;d++){var e=c[d],f=a[e];if(!OA.test(e))throw Error("B");if(f!==void 0&&f!==null){if(/^on./i.test(e))throw Error("B");iha.indexOf(e.toLowerCase())!==-1&&(f=_.$a(f)?f.toString():_.gb(String(f))\|\|"about:invalid#zClosurez");f=e+'="'+_.nb(String(f))+'"';b+=" "+f}}return b}; _.QA=function(a,b,c){hha(a);var d="<"+a;b&&(d+=_.PA(b));Array.isArray(c)\|\|(c=c===void 0?[]:[c]);jha.indexOf(a.toUpperCase())!==-1?d+=">":(b=_.NA(c.map(function(e){return _.Oa(e)?e:_.nb(String(e))})),d+=">"+b.toString()+"</"+a+">");return _.Na(d)};_.RA=function(a){for(var b=[],c=0;c<arguments.length;c++){var d=arguments[c];if(Array.isArray(d))for(var e=0;e<d.length;e+=8192)for(var f=_.RA.apply(null,_.ya(d,e,e+8192)),g=0;g<f.length;g++)b.push(f[g]);else b.push(d)}return b}; _.SA=function(a,b,c,d,e,f,g){_.Hc((0,_.Yd)(a.ua));b=_.ke(a,b,e,2,void 0,!0);var k;e=(k=_.qc((0,_.rc)(b)))!=null?k:0;if(g)if(Array.isArray(d))for(d=_.ne(d),f=d.length,g=0;g<f;g++)b.push(c(d[g],e));else for(d=_.t(d),f=d.next();!f.done;f=d.next())b.push(c(f.value,e));else f&&_.CA(b),b.push(c(d,e));return a};_.TA=function(a,b){b=_.hb(b);b!==void 0&&(a.href=b)}; kha=function(a,b){function c(g){clearTimeout(f);return g}var d=d===void 0?2E4:d;var e=b(d),f=setTimeout(function(){throw e;},d);return a.map(c,c)};lha=function(a){var b=_.Bg(a,_.zf());return kha(b,function(c){return Error("uc`service`"+_.yr(a)+"`"+c+"`service")})};_.UA=function(a){return _.zf().get(a instanceof _.Xe?a:_.af(a))};_.VA=function(a){return _.go(lha(a)).value};_.WA=function(a,b,c){this.l=a;this.j=b;this.o=c===void 0?null:
URL: https://www.google.com/ Model: Joe Sandbox AI	{ "contains_trigger_text": false, "trigger_text": "unknown", "prominent_button_name": "unknown", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://www.gstatic.com/_/mss/boq-one-google/_/js/... Model: Joe Sandbox AI	```json { "risk_score": 2, "reasoning": "The script contains obfuscated code, which is a moderate-risk indicator (+2 points). However, there are no high-risk behaviors such as dynamic code execution or data exfiltration observed. The script appears to be related to performance monitoring or analytics, which could justify the obfuscation for legitimate purposes, but without more context, it remains a moderate risk." }
"use strict";this.default_OneGoogleWidgetUi=this.default_OneGoogleWidgetUi\|\|{};(function(_){var window=this; try{ var gG; _.iG=function(){var a=gG(_.Se("xwAfE"),function(){return _.Se("UUFaWc")}),b=gG(_.Se("xnI9P"),function(){return _.Se("u4g7r")}),c,d,e,f;return(f=hG)!=null?f:hG=Object.freeze({isEnabled:function(g){return g===-1\|\|_.Rf(_.Se("iCzhFc"),!1)?!1:a.enabled\|\|b.enabled},Fg:(c=_.Pm(_.Se("y2FhP")))!=null?c:void 0,Hr:(d=_.Pm(_.Se("MUE6Ne")))!=null?d:void 0,zg:(e=_.Pm(_.Se("cfb2h")))!=null?e:void 0,Cf:_.Rm(_.Se("yFnxrf"),-1),Kw:_.Vm(_.Se("fPDxwd")).map(function(g){return _.Rm(g,0)}).filter(function(g){return g>0}), Yz:a,Jz:b})};gG=function(a,b){a=_.Rf(a,!1);return{enabled:a,Mj:a?_.ae(_.Sm(b(),_.jG)):Nia()}};_.jG=function(a){this.ua=_.x(a)};_.D(_.jG,_.B);var Nia=function(a){return function(){return _.Gd(a)}}(_.jG);var hG; _.n("p3hmRc"); var Zia=function(a){a.v=!0;return a},$ia=function(a,b,c,d){this.transport=a;this.j=b;this.l=c;this.Fg=d;this.o=Number(Date.now()).toString(36)+Math.random().toString(36).slice(2)};_.aH=function(){_.zr.call(this);this.config=_.iG();var a=this.config.Cf;this.config.isEnabled(a)&&(this.j=aja(this,a))};_.D(_.aH,_.N);_.aH.W=_.N.W;var aja=function(a,b){var c=[].map(function(k){return _.Md(k)}),d,e=_.$G(Zia(_.ZG(_.XG(_.YG(new _.WG(b,_.Fm()),_.yG(new _.xG,a.config.Kw)),(d=a.config.zg)!=null?d:""),c)));switch(b){case 2082:var f=2;break;case 1884:f=1}var g;return new $ia(e,a.config.Hr,f,(g=a.config.Fg)!=null?g:"")};_.ZA(_.lu,_.aH); _.p(); _.dH=function(a,b,c){var d=b.j().gM(a.o);a.j!==void 0&&d.BA(a.j);a.Fg&&d.eM(a.Fg);a.l&&d.fM(a.l);var e,f,g=(e=_.vb())==null?void 0:(f=e.ha)==null?void 0:_.Io(f.v,"k");g&&d.hM(g);b.l(c);a.transport.Vd(b);a.transport.flush()};_.eH=function(a,b,c){a=a.ua;var d=(0,_.Yd)(a);_.Hc(d);var e=_.le(a,d,c);b=_.$d(_.Hd(e,b,!0,d));e!==b&&_.ce(a,d,c,b);return b};_.fH=function(a){this.ua=_.x(a)};_.D(_.fH,_.B);_.h=_.fH.prototype;_.h.getUrl=function(){return _.lm(this,3)};_.h.BA=function(a){_.vm(this,5,a)}; _.h.eM=function(a){_.vm(this,7,a)};_.h.fM=function(a){_.wm(this,8,a)};_.h.gM=function(a){return _.vm(this,9,a)};_.h.hM=function(a){_.vm(this,10,a)};_.gH=function(a){this.ua=_.x(a)};_.D(_.gH,_.B);_.gH.prototype.j=function(){return _.eH(this,_.fH,5)};_.gH.prototype.l=function(a){_.bm(this,_.jG,18,a)}; _.n("LvGhrf"); var bja=function(a){if(_.da&&_.da.performance&&_.da.performance.memory){var b=_.da.performance.memory;if(b){var c=new hH;isNaN(b.jsHeapSizeLimit)\|\|_.Xf(c,1,_.Bd(Math.round(b.jsHeapSizeLimit).toString()));isNaN(b.totalJSHeapSize)\|\|_.Xf(c,2,_.Bd(Math.round(b.totalJSHeapSize).toString()));isNaN(b.usedJSHeapSize)\|\|_.Xf(c,3,_.Bd(Math.round(b.usedJSHeapSize).toString()));_.bm(a,hH,1,c)}}},cja=function(a){if(iH()){var b=performance.getEntriesByType("navigation");if(b&&b.length){var c=new jH;if(b=b[0]){switch(b.type){case "navigate":c.Qg(1); break;case "reload":c.Qg(2);break;case "back_forward":c.Qg(3);break;case "prerender":c.Qg(4);break;default:c.Qg(0)}var d=_.um(c,2,Math.round(b.startTime));d=_.um(d,3,Math.round(b.fetchStart));d=_.um(d,4,Math.round(b.domainLookupStart));d=_.um(d,5,Math.round(b.domainLookupEnd));d=_.um(d,6,Math.round(b.connectStart));d=_.um(d,7,Math.round(b.connectEnd));d=_.um(d,8,Math.round(b.requestStart));d=_.um(d,9,Math.round(b.responseStart));d=_.um(d,10,Math.round(b.responseEnd));var e=kH(Math.round(b.domInteractive)); d=_.um(d,11,e);e=kH(Math.round(b.domComplete));d=_.um(d,12,e);d=_.um(d,13,Math.round(b.loadEventStart));_.um(d,14,Math.round(b.loadEventEnd))}_.bm(a,jH,8,c)}}},kH=function(a){return Number.isFinite(a)?a:null},dja=function(a){if(iH()){var b=performance.getEntriesByType("resource");if(b&&b.length){for(var c=new lH,d=0,e=0,f=0,g=0,k=0,l=0,m=0,q=0,r=0,u=0,v=0;v<b.length;v++){var w=b[v],z=w.responseEnd-w.startTime;if(z>=0)switch(w.initiatorType){case "css":d++;e+=z;break;case "img":f++;g+=z;break;case "script":k++; l+=z;break;case "link":m++;q+=z;break;default:r++,u+=z}}d&&(b=_.um(c,1,d),_.um(b,2,Math.round(e/d)));f&&(d=_.um(c,3,f),_.um(d,4,Math.ro
URL: https://www.google.com/ Model: Joe Sandbox AI	{ "contains_trigger_text": false, "trigger_text": "unknown", "prominent_button_name": "unknown", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://www.google.com/ Model: Joe Sandbox AI	{ "brands": [ "Google" ] }
	{ "brands": [ "Google" ] }
URL: https://www.gstatic.com/og/_/js/k=og.qtm.en_US.rX6... Model: Joe Sandbox AI	```json { "risk_score": 1, "reasoning": "The script primarily involves DOM manipulation and class management without any high-risk behaviors such as dynamic code execution or data exfiltration. It does not interact with external domains or use obfuscated code. The operations are typical for UI updates and event handling, indicating low risk." }
this.gbar_=this.gbar_\|\|{};(function(_){var window=this; try{ _.Ed=typeof AsyncContext!=="undefined"&&typeof AsyncContext.Snapshot==="function"?a=>a&&AsyncContext.Snapshot.wrap(a):a=>a; }catch(e){_._DumpException(e)} try{ _.xe=function(a){return _.Nb(a)&&a.nodeType==1};_.ye=function(a,b){if("textContent"in a)a.textContent=b;else if(a.nodeType==3)a.data=String(b);else if(a.firstChild&&a.firstChild.nodeType==3){for(;a.lastChild!=a.firstChild;)a.removeChild(a.lastChild);a.firstChild.data=String(b)}else _.ue(a),a.appendChild(_.ke(a).createTextNode(String(b)))};var ze;_.Ae=function(a,b,c){Array.isArray(c)&&(c=c.join(" "));const d="aria-"+b;c===""\|\|c==void 0?(ze\|\|(ze={atomic:!1,autocomplete:"none",dropeffect:"none",haspopup:!1,live:"off",multiline:!1,multiselectable:!1,orientation:"vertical",readonly:!1,relevant:"additions text",required:!1,sort:"none",busy:!1,disabled:!1,hidden:!1,invalid:"false"}),c=ze,b in c?a.setAttribute(d,c[b]):a.removeAttribute(d)):a.setAttribute(d,c)};var Ee;_.De=function(a,b,c,d,e,f){if(_.oc&&e)return _.Be(a);if(e&&!d)return!1;if(!_.mc){typeof b==="number"&&(b=_.Ce(b));const g=b==17\|\|b==18\|\|_.oc&&b==91;if((!c\|\|_.oc)&&g\|\|_.oc&&b==16&&(d\|\|f))return!1}if(_.nc&&d&&c)switch(a){case 220:case 219:case 221:case 192:case 186:case 189:case 187:case 188:case 190:case 191:case 192:case 222:return!1}switch(a){case 13:return _.mc?f\|\|e?!1:!(c&&d):!0;case 27:return!_.nc&&!_.mc}return _.mc&&(d\|\|e\|\|f)?!1:_.Be(a)}; _.Be=function(a){if(a>=48&&a<=57\|\|a>=96&&a<=106\|\|a>=65&&a<=90\|\|_.nc&&a==0)return!0;switch(a){case 32:case 43:case 63:case 64:case 107:case 109:case 110:case 111:case 186:case 59:case 189:case 187:case 61:case 188:case 190:case 191:case 192:case 222:case 219:case 220:case 221:case 163:case 58:return!0;case 173:case 171:return _.mc;default:return!1}};_.Ce=function(a){if(_.mc)a=Ee(a);else if(_.oc&&_.nc)switch(a){case 93:a=91}return a}; Ee=function(a){switch(a){case 61:return 187;case 59:return 186;case 173:return 189;case 224:return 91;case 0:return 224;default:return a}}; }catch(e){_._DumpException(e)} try{ var Fe,Ge,He;Fe=function(a){return typeof a.className=="string"?a.className:a.getAttribute&&a.getAttribute("class")\|\|""};Ge=function(a){return a.classList?a.classList:Fe(a).match(/\S+/g)\|\|[]};He=function(a,b){typeof a.className=="string"?a.className=b:a.setAttribute&&a.setAttribute("class",b)};_.V=function(a,b){return a.classList?a.classList.contains(b):_.va(Ge(a),b)};_.Ie=function(a,b){if(a.classList)a.classList.add(b);else if(!_.V(a,b)){const c=Fe(a);He(a,c+(c.length>0?" "+b:b))}}; _.Je=function(a,b){if(a.classList)Array.prototype.forEach.call(b,function(d){_.Ie(a,d)});else{var c={};Array.prototype.forEach.call(Ge(a),function(d){c[d]=!0});Array.prototype.forEach.call(b,function(d){c[d]=!0});b="";for(const d in c)b+=b.length>0?" "+d:d;He(a,b)}};_.Ke=function(a,b){a.classList?a.classList.remove(b):_.V(a,b)&&He(a,Array.prototype.filter.call(Ge(a),function(c){return c!=b}).join(" "))}; _.Le=function(a,b){a.classList?Array.prototype.forEach.call(b,function(c){_.Ke(a,c)}):He(a,Array.prototype.filter.call(Ge(a),function(c){return!_.va(b,c)}).join(" "))}; }catch(e){_._DumpException(e)} try{ _.Me=class extends _.Q{constructor(a){super(a)}}; }catch(e){_._DumpException(e)} try{ var Oe;_.Ne=function(a,b){b=_.ua(a,b);let c;(c=b>=0)&&Array.prototype.splice.call(a,b,1);return c};Oe=function(a,b){for(const c in a)if(b.call(void 0,a[c],c,a))return!0;return!1};_.Qe=function(a,b){this.type="function"==typeof _.Pe&&a instanceof _.Pe?String(a):a;this.currentTarget=this.target=b;this.defaultPrevented=this.i=!1};_.Qe.prototype.stopPropagation=function(){this.i=!0};_.Qe.prototype.preventDefault=function(){this.defaultPrevented=!0}; _.Re=function(a,b){_.Qe.call(this,a?a.type:"");this.relatedTarget=this.currentTarget=this.target=null;this.button=this.screenY=this.screenX=this.clientY=this.clientX=this.offsetY=this.offsetX=0;this.key="";this.charCode=this.keyCode=0;this.metaKey=this.shiftKey=this.altKey=this.ctrlKey=!1;this.state=null;this.poi
URL: https://www.google.com/ Model: Joe Sandbox AI	{ "brands": [ "Google" ] }
	{ "brands": [ "Google" ] }
URL: https://about.google/?fg=1&utm_source=google-US&utm_medium=referral&utm_campaign=hp-header Model: Joe Sandbox AI	{ "contains_trigger_text": false, "trigger_text": "unknown", "prominent_button_name": "Watch the video", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://about.google/?fg=1&utm_source=google-US&utm_medium=referral&utm_campaign=hp-header Model: Joe Sandbox AI	{ "contains_trigger_text": false, "trigger_text": "unknown", "prominent_button_name": "Watch the video", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://about.google/?fg=1&utm_source=google-US&utm_medium=referral&utm_campaign=hp-header Model: Joe Sandbox AI	{ "brands": [ "Google" ] }
	{ "brands": [ "Google" ] }
URL: https://about.google/?fg=1&utm_source=google-US&utm_medium=referral&utm_campaign=hp-header Model: Joe Sandbox AI	{ "brands": [ "Google" ] }
	{ "brands": [ "Google" ] }
URL: https://about.google/ Model: Joe Sandbox AI	{ "contains_trigger_text": false, "trigger_text": "unknown", "prominent_button_name": "Watch the video", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://about.google/ Model: Joe Sandbox AI	{ "brands": [ "Google" ] }
	{ "brands": [ "Google" ] }

Joe Sandbox View / Context

IPs

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link	Context
104.25.233.53	http://is.gd/4vsazW	Get hash	malicious	Unknown	Browse	is.gd/4vsazW
239.255.255.250	http://sammobile.digidip.net/visit?url=https://massageclinic.com.au/wadblacks2&currurl=https://www.sammobile.com/2018/06/06/june-2018-security-patch-information-published-by-samsung/	Get hash	malicious	Gabagool	Browse
	http://tekascend.com	Get hash	malicious	Unknown	Browse
	https://www.facebook.com/nd/?groups%2F1890503424692037%2Frequests%2F&aref=1736211772582402&medium=email&mid=62b1fb1698c7dG5b016dc7de4cG62b134df5aa02G15&bcode=2.1736266217.AbwE-ZmXZYS4oNRxqqE&n_m=kbaker%40beachbody.com&n_sg=Q6bPBAFZX1Mx9VszlkbcFfVLHA3nPTNzix2i89aoCYRx0_63xA&rms=v2&irms=1	Get hash	malicious	Unknown	Browse
	https://rb.iphiview.com/rb/	Get hash	malicious	Unknown	Browse
	https://g248jqtc.r.ap-south-1.awstrack.me/L0/https://fub.direct/1/wpcpz2KV6CJLjr9Ku5V9crqS4vRSbleRYVQVlbRDO0VhTlcqWS8eK4WwWGYEcIFo0NTTfcu_ywSiT_-hMwRGjBfgg1rcvHOcCbgDl1KQiWE/https/westcommerce.com.br/e63o/1750871326/Ara/%23%3Fnl=amRpYkBhcmEuY29t/1/0109019433d34740-32de3bb4-8eb6-4b18-a944-d8e7ee993673-000000/ImcP_D-hsLxxvDJopI2vRjkqrI4=188	Get hash	malicious	Unknown	Browse
	https://www.kentuckyfriedsalmonpadon.com/caHbBZm	Get hash	malicious	Unknown	Browse
	https://publuu.com/flip-book/763064/1693399	Get hash	malicious	Unknown	Browse
	https://viirtus.com/?uhqubmdv=6b0cf7592247f0ce6faa27a3b42d16a0fdea3bcbc625e658150f2141942e41191a6f5794e3683bbd4b95a6a792b5cafae4f710289eba79c968c11a2e84a1f677	Get hash	malicious	Outlook Phishing, HTMLPhisher	Browse
	vRecording__0023secs__Stgusa.html	Get hash	malicious	Unknown	Browse
	Airbornemx_PAYOUT7370.odt	Get hash	malicious	Unknown	Browse
208.109.33.77	Factura35107263.msg	Get hash	malicious	Unknown	Browse

Domains

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link	Context
scone-pa.clients6.google.com	http://stereospoutfireextinguisher.com	Get hash	malicious	Unknown	Browse	142.250.186.138
	https://specificallycries.com	Get hash	malicious	Unknown	Browse	142.250.185.202
	5diately.msg	Get hash	malicious	Unknown	Browse	142.250.200.234
	https://ryouthed.com/click.php?key=ij553tkpbj8t1lsuduh3&SUB_ID_SHORT=47f1db28f063a1d38918a2dcc31e91eb&COST_CPC=0.000050&PLACEMENT_ID=25101964&CAMPAIGN_ID=1170410&PUBLISHER_ID=2361353&ZONE_ID=4463547	Get hash	malicious	Unknown	Browse	172.217.17.74
	http://cl4ycra.hgzcbqsqumhkfshql.com/kxosbfkve	Get hash	malicious	Unknown	Browse	172.217.19.234
	http://527newagain.top	Get hash	malicious	Unknown	Browse	142.250.185.74
	https://freeprintablepuzzles.co.uk/	Get hash	malicious	Unknown	Browse	142.250.74.202
	FINAL SETTLEMENT DOCUMENT_ LIEN WAVER DURATION- 57185f7898fa8b51ebd3deed1492e65365186c19.eml	Get hash	malicious	HTMLPhisher	Browse	142.250.186.170
	Downloader.dll	Get hash	malicious	Unknown	Browse	142.250.181.234
	zoHnNvuTkk.dll	Get hash	malicious	BumbleBee	Browse	216.58.206.42
plus.l.google.com	https://pharteewhi.xyz/	Get hash	malicious	Unknown	Browse	142.250.185.238
	file_83f986ef2d0592ef993924a8cc5b8d6a_2025-01-07_10_04_01_718000.zip	Get hash	malicious	Unknown	Browse	142.250.185.206
	Jeffparish.docx	Get hash	malicious	Unknown	Browse	142.250.184.238
	http://stereospoutfireextinguisher.com	Get hash	malicious	Unknown	Browse	142.250.185.238
	Remittance details.docx	Get hash	malicious	Unknown	Browse	142.250.184.206
	Remittance details.docx	Get hash	malicious	Unknown	Browse	172.217.16.206
	https://hacdct-my.sharepoint.com/:f:/g/personal/dmarra_hacdct_org/El0CfhNMVMNNuzPj6QGnrSQBywVLNW96w_XrX10UdRlfmQ?email=dhodder%40haigroup.com&e=d37USF&xsdata=MDV8MDJ8am1ja2lubGV5QGhhaWdyb3VwLmNvbXwyYzYxNmM3ZDhlNmU0YWM5MDJlMjA4ZGQyZTYzYjFmMnw4MjgxNWI4YzM3NzU0NTk5OTdjNzJiODc1MjhlNmY4M3wwfDB8NjM4NzE3NzMyNjY3MjIxNDQzfFVua25vd258VFdGcGJHWnNiM2Q4ZXlKRmJYQjBlVTFoY0draU9uUnlkV1VzSWxZaU9pSXdMakF1TURBd01DSXNJbEFpT2lKWGFXNHpNaUlzSWtGT0lqb2lUV0ZwYkNJc0lsZFVJam95ZlE9PXw0MDAwfHx8&sdata=bXM5KzduUjdVc3RFaFJsU1ZBR1d1enMxT3I3VitIdmc4MUlhZ25WT3dmWT0%3d	Get hash	malicious	HTMLPhisher	Browse	142.250.186.174
	Factura35107263.msg	Get hash	malicious	Unknown	Browse	142.250.185.238
	ZT0KQ1PC.exe	Get hash	malicious	PureLog Stealer, Vidar	Browse	216.58.212.174
	http://www.cipassoitalia.it/	Get hash	malicious	CAPTCHA Scam ClickFix	Browse	142.250.181.238
77.33.109.208.host.secureserver.net	Factura35107263.msg	Get hash	malicious	Unknown	Browse	208.109.33.77
google.com	http://tekascend.com	Get hash	malicious	Unknown	Browse	142.250.186.164
	http://sammobile.digidip.net/visit?url=https://massageclinic.com.au/wadblacks2&currurl=https://www.sammobile.com/2018/06/06/june-2018-security-patch-information-published-by-samsung/	Get hash	malicious	Gabagool	Browse	142.250.185.132
	http://tekascend.com	Get hash	malicious	Unknown	Browse	142.250.185.68
	https://www.facebook.com/nd/?groups%2F1890503424692037%2Frequests%2F&aref=1736211772582402&medium=email&mid=62b1fb1698c7dG5b016dc7de4cG62b134df5aa02G15&bcode=2.1736266217.AbwE-ZmXZYS4oNRxqqE&n_m=kbaker%40beachbody.com&n_sg=Q6bPBAFZX1Mx9VszlkbcFfVLHA3nPTNzix2i89aoCYRx0_63xA&rms=v2&irms=1	Get hash	malicious	Unknown	Browse	142.250.185.132
	https://rb.iphiview.com/rb/	Get hash	malicious	Unknown	Browse	142.250.186.132
	https://g248jqtc.r.ap-south-1.awstrack.me/L0/https://fub.direct/1/wpcpz2KV6CJLjr9Ku5V9crqS4vRSbleRYVQVlbRDO0VhTlcqWS8eK4WwWGYEcIFo0NTTfcu_ywSiT_-hMwRGjBfgg1rcvHOcCbgDl1KQiWE/https/westcommerce.com.br/e63o/1750871326/Ara/%23%3Fnl=amRpYkBhcmEuY29t/1/0109019433d34740-32de3bb4-8eb6-4b18-a944-d8e7ee993673-000000/ImcP_D-hsLxxvDJopI2vRjkqrI4=188	Get hash	malicious	Unknown	Browse	142.250.186.68
	https://www.kentuckyfriedsalmonpadon.com/caHbBZm	Get hash	malicious	Unknown	Browse	142.250.186.78
	download.ps1	Get hash	malicious	Unknown	Browse	172.217.1.100
	download.ps1	Get hash	malicious	Unknown	Browse	142.250.185.196
	https://publuu.com/flip-book/763064/1693399	Get hash	malicious	Unknown	Browse	142.250.186.100

ASNs

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link	Context
SUCURI-SECUS	Factura35107263.msg	Get hash	malicious	Unknown	Browse	208.109.33.77
	x86.elf	Get hash	malicious	Mirai	Browse	208.109.135.150
	https://www.onsetcomp.com/files/software/hoboware/3.7.28/HOBOware_Free_Setup.exe	Get hash	malicious	Unknown	Browse	192.124.249.175
	http://prntbl.concejomunicipaldechinu.gov.co	Get hash	malicious	Unknown	Browse	192.124.249.105
	http://liathletic.com	Get hash	malicious	Unknown	Browse	192.124.249.59
	loligang.ppc.elf	Get hash	malicious	Mirai	Browse	208.109.31.233
	m68k.elf	Get hash	malicious	Mirai	Browse	208.109.135.159
	http://t.co/626Aq6uRYN	Get hash	malicious	Unknown	Browse	192.124.249.158
	file.exe	Get hash	malicious	LummaC, Amadey, Credential Flusher, LummaC Stealer, Stealc	Browse	208.109.77.116
	file.exe	Get hash	malicious	Unknown	Browse	208.109.77.116
CLOUDFLARENETUS	http://sammobile.digidip.net/visit?url=https://massageclinic.com.au/wadblacks2&currurl=https://www.sammobile.com/2018/06/06/june-2018-security-patch-information-published-by-samsung/	Get hash	malicious	Gabagool	Browse	172.67.74.152
	https://www.facebook.com/nd/?groups%2F1890503424692037%2Frequests%2F&aref=1736211772582402&medium=email&mid=62b1fb1698c7dG5b016dc7de4cG62b134df5aa02G15&bcode=2.1736266217.AbwE-ZmXZYS4oNRxqqE&n_m=kbaker%40beachbody.com&n_sg=Q6bPBAFZX1Mx9VszlkbcFfVLHA3nPTNzix2i89aoCYRx0_63xA&rms=v2&irms=1	Get hash	malicious	Unknown	Browse	1.1.1.1
	https://www.kentuckyfriedsalmonpadon.com/caHbBZm	Get hash	malicious	Unknown	Browse	104.22.57.245
	Solara_v3.exe	Get hash	malicious	Unknown	Browse	104.20.4.235
	Solara_v3.exe	Get hash	malicious	Unknown	Browse	104.20.3.235
	https://publuu.com/flip-book/763064/1693399	Get hash	malicious	Unknown	Browse	104.16.124.96
	https://viirtus.com/?uhqubmdv=6b0cf7592247f0ce6faa27a3b42d16a0fdea3bcbc625e658150f2141942e41191a6f5794e3683bbd4b95a6a792b5cafae4f710289eba79c968c11a2e84a1f677	Get hash	malicious	Outlook Phishing, HTMLPhisher	Browse	104.17.25.14
	SecurityScan_Release.exe	Get hash	malicious	Unknown	Browse	172.64.41.3
	SecurityScan_Release.exe	Get hash	malicious	Unknown	Browse	172.64.41.3
	http://11ofus.ca	Get hash	malicious	Unknown	Browse	104.17.25.14
TELKOMSEL-ASN-IDPTTelekomunikasiSelularID	miori.arm5.elf	Get hash	malicious	Unknown	Browse	39.198.157.128
	Mes_Drivers_3.0.4.exe	Get hash	malicious	Unknown	Browse	23.209.208.52
	m68k.elf	Get hash	malicious	Mirai	Browse	39.242.71.150
	Vernales Restaurant-encrypted.pdf	Get hash	malicious	HTMLPhisher	Browse	23.209.209.135
	https://www.scribd.com/document/787929982/script-tlsfrance	Get hash	malicious	Unknown	Browse	23.209.208.52
	z0r0.x86.elf	Get hash	malicious	Mirai	Browse	39.228.125.100
	armv5l.elf	Get hash	malicious	Unknown	Browse	182.14.149.246
	armv7l.elf	Get hash	malicious	Unknown	Browse	39.232.112.102
	1.elf	Get hash	malicious	Unknown	Browse	39.230.16.14
	fuckunix.sh4.elf	Get hash	malicious	Mirai	Browse	39.225.87.225

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2049)
Category:	dropped
Size (bytes):	14478
Entropy (8bit):	5.46897211761226
Encrypted:	false
SSDEEP:	384:IYim7O/sAg9U6KAQdkzFc+5aiWQLHO91mIuW:IoqUAh8vz5W2o
MD5:	4A2B1E83CCEA5A70AFDFC3F1434CA6A2
SHA1:	5A34C38829BDA10164EBDB1D1742F0B827247E39
SHA-256:	51F7939C541E0DD14D3C6AC44865499304ACA395BC72B7AF238C2F76C806FA71
SHA-512:	679B56AD35C3CAD0CFD98B57F011BD8442FECF520B05B650DFCD59D04485905D25AF1BC297FCC41A22FF655EF3EE6B35C606A5FE00811ADCB94C747F57AE2393
Malicious:	false
Reputation:	moderate, very likely benign file
Preview:	(function(){var aa=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype\|\|a==Object.prototype)return a;a[b]=c.value;return a},ba=function(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");},ca=ba(this),g=function(a,b){if(b)a:{var c=ca;a=a.split(".");for(var d=0;d<a.length-.1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&b!=null&&aa(c,a,{configurable:!0,writable:!0,value:b})}},h=function(a,b,c){if(a==null)throw new TypeError("The 'this' value for String.prototype."+c+" must not be null or undefined");if(b instanceof RegExp)throw new TypeError("First argument to String.prototype."+c+" must not be a regular expression");return a+""};.g("String.prototype.endsWith",function(a){return a?a:function(b,c){var d=h(this

Source: https://www.google.com/	HTTP Parser: No favicon
Source: https://www.google.com/	HTTP Parser: No favicon
Source: https://www.google.com/	HTTP Parser: No favicon
Source: https://www.google.com/	HTTP Parser: No favicon
Source: https://www.google.com/	HTTP Parser: No favicon
Source: https://about.google/?fg=1&utm_source=google-US&utm_medium=referral&utm_campaign=hp-header	HTTP Parser: No favicon
Source: https://about.google/	HTTP Parser: No favicon
Source: https://about.google/	HTTP Parser: No favicon
Source: https://about.google/	HTTP Parser: No favicon
Source: https://about.google/	HTTP Parser: No favicon
Source: https://about.google/	HTTP Parser: No favicon
Source: https://about.google/	HTTP Parser: No favicon
Source: https://about.google/	HTTP Parser: No favicon
Source: https://about.google/	HTTP Parser: No favicon

Source: Joe Sandbox View	IP Address: 239.255.255.250 239.255.255.250
Source: Joe Sandbox View	IP Address: 104.25.233.53 104.25.233.53

Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.31.71
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.31.71
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.31.71
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.31.71
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.31.71
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.31.71
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.31.71
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.31.71
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.31.71
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.31.71
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.31.71
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.31.71
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.31.71
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.31.71
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.31.71
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.31.71
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.31.71
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.31.71
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.31.71
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.31.71
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.31.71
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.31.71
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.31.71
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.31.71
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.31.71
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.31.71
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.31.71
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.31.71
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.31.71
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.31.71
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.31.71
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.31.71
Source: unknown	TCP traffic detected without corresponding DNS query: 23.209.208.242
Source: unknown	TCP traffic detected without corresponding DNS query: 23.209.208.242
Source: unknown	TCP traffic detected without corresponding DNS query: 23.209.208.242
Source: unknown	TCP traffic detected without corresponding DNS query: 23.209.208.242
Source: unknown	TCP traffic detected without corresponding DNS query: 23.209.208.242
Source: unknown	TCP traffic detected without corresponding DNS query: 23.209.208.242
Source: unknown	TCP traffic detected without corresponding DNS query: 23.209.208.242
Source: unknown	TCP traffic detected without corresponding DNS query: 23.209.208.242
Source: unknown	TCP traffic detected without corresponding DNS query: 23.209.208.242
Source: unknown	TCP traffic detected without corresponding DNS query: 23.209.208.242
Source: unknown	TCP traffic detected without corresponding DNS query: 23.209.208.242
Source: unknown	TCP traffic detected without corresponding DNS query: 23.209.208.242
Source: unknown	TCP traffic detected without corresponding DNS query: 23.209.208.242
Source: unknown	TCP traffic detected without corresponding DNS query: 23.209.208.242
Source: unknown	TCP traffic detected without corresponding DNS query: 23.209.208.242
Source: unknown	TCP traffic detected without corresponding DNS query: 23.209.208.242
Source: unknown	TCP traffic detected without corresponding DNS query: 23.209.208.242
Source: unknown	TCP traffic detected without corresponding DNS query: 23.209.208.242

Source: chromecache_295.2.dr, chromecache_301.2.dr	String found in binary or memory: href="https://www.youtube.com/?utm_source=about&utm_medium=referral&utm_campaign=footer-link" equals www.youtube.com (Youtube)
Source: chromecache_295.2.dr, chromecache_301.2.dr	String found in binary or memory: href="https://www.facebook.com/Google" equals www.facebook.com (Facebook)
Source: chromecache_295.2.dr, chromecache_301.2.dr	String found in binary or memory: href="https://www.linkedin.com/company/google" equals www.linkedin.com (Linkedin)
Source: chromecache_295.2.dr, chromecache_301.2.dr	String found in binary or memory: href="https://www.youtube.com/user/Google" equals www.youtube.com (Youtube)
Source: chromecache_396.2.dr, chromecache_326.2.dr	String found in binary or memory: (g.Dq(V,"redirector.googlevideo.com"),N=V.toString()):V.T.match("rr?[1-9].*\\.c\\.youtube\\.com$")?(g.Dq(V,"www.youtube.com"),N=V.toString()):(V=XQ9(N),XY(V)&&(N=V));V=new g.v1(N);V.set("cmo=pf","1");H&&V.set("cmo=td","a1.googlevideo.com");return V}; equals www.youtube.com (Youtube)
Source: chromecache_396.2.dr, chromecache_326.2.dr	String found in binary or memory: 0?"http":"https";this.Vn=H8((C?C.customBaseYoutubeUrl:p.BASE_YT_URL)\|\|"")\|\|H8(this.iW)\|\|this.protocol+"://www.youtube.com/";d=C?C.eventLabel:p.el;N="detailpage";d==="adunit"?N=this.S?"embedded":"detailpage":d==="embedded"\|\|this.D?(N=hm(N,d,gru),d!=="shortsaudiopivot"\|\|this.G("web_player_shorts_audio_pivot_event_label")\|\|(N="detailpage")):d&&(N="embedded");this.Wr=N;oQH();d=null;N=C?C.playerStyle:p.ps;X=g.W5(W$L,N);!N\|\|X&&!this.D\|\|(d=N);this.playerStyle=d;this.Y=g.W5(W$L,this.playerStyle);this.houseBrandUserStatus= equals www.youtube.com (Youtube)
Source: chromecache_396.2.dr, chromecache_326.2.dr	String found in binary or memory: C=this.api.K();p=this.api.getVideoData();var V="";C.V\|\|(C=g.zM(C),C.indexOf("www.")===0&&(C=C.substring(4)),V=g.t_(p)?"Watch on YouTube Music":C==="youtube.com"?"Watch on YouTube":g.Ks("Watch on $WEBSITE",{WEBSITE:C}));this.updateValue("title",V)}; equals www.youtube.com (Youtube)
Source: chromecache_364.2.dr, chromecache_379.2.dr	String found in binary or memory: Cf=y(["https://sandbox.google.com/tools/feedback/"]),Df=y(["https://www.google.cn/tools/feedback/"]),Ef=y(["https://help.youtube.com/tools/feedback/"]),Ff=y(["https://asx-frontend-staging.corp.google.com/inapp/"]),Gf=y(["https://asx-frontend-staging.corp.google.com/tools/feedback/"]),Hf=y(["https://localhost.corp.google.com/inapp/"]),If=y(["https://localhost.proxy.googlers.com/inapp/"]),Jf=U(lf),Kf=[U(mf),U(nf)],Lf=[U(of),U(pf),U(qf),U(rf),U(sf),U(tf),U(uf),U(vf),U(wf),U(xf)],Mf=[U(yf),U(zf)],Nf= equals www.youtube.com (Youtube)
Source: chromecache_276.2.dr, chromecache_340.2.dr	String found in binary or memory: De.prototype.initVideo_=function(a){a={videoId:this.videoElement_.getAttribute("data-glue-yt-video-vid"),playerVars:{controls:1,host:"https://www.youtube.com/",origin:window.location.origin,widget_referrer:window.location.origin,iv_load_policy:3},playerId:"player-"+a,events:{onReady:this.onVideoReady_.bind(this)}};this.ytVideo_=new N(this.videoElement_,a)};De.prototype.onVideoReady_=function(){this.player_=this.ytVideo_.getPlayer()}; equals www.youtube.com (Youtube)
Source: chromecache_326.2.dr	String found in binary or memory: GTy=function(p,C){if(!p.T["0"]){var V=new WB("0","fakesb",{video:new wO(0,0,0,void 0,void 0,"auto")});p.T["0"]=C?new zn(new g.v1("http://www.youtube.com/videoplayback"),V,"fake"):new VM(new g.v1("http://www.youtube.com/videoplayback"),V,new D0(0,0),new D0(0,0))}}; equals www.youtube.com (Youtube)
Source: chromecache_298.2.dr	String found in binary or memory: M.getElementsByTagName("iframe"),oa=Q.length,na=0;na<oa;na++)if(!v&&c(Q[na],H.Xe)){UK("https://www.youtube.com/iframe_api");v=!0;break}})}}else G(t.vtp_gtmOnSuccess)}var q=["www.youtube.com","www.youtube-nocookie.com"],r={UNSTARTED:-1,ENDED:0,PLAYING:1,PAUSED:2,BUFFERING:3,CUED:5},u,v=!1;X.__ytl=n;X.__ytl.o="ytl";X.__ytl.isVendorTemplate=!0;X.__ytl.priorityOverride=0;X.__ytl.isInfrastructure=!1; equals www.youtube.com (Youtube)
Source: chromecache_236.2.dr, chromecache_298.2.dr	String found in binary or memory: Math.round(q);t["gtm.videoElapsedTime"]=Math.round(f);t["gtm.videoPercent"]=r;t["gtm.videoVisible"]=u;return t},Ik:function(){e=nb()},Gd:function(){d()}}};var Vb=wa(["data-gtm-yt-inspected-"]),XD=["www.youtube.com","www.youtube-nocookie.com"],YD,ZD=!1; equals www.youtube.com (Youtube)
Source: chromecache_326.2.dr	String found in binary or memory: YI.prototype.Wd=function(){return this.w7.l()};var Vry=(new Date).getTime();var dkY="://secure-...imrworldwide.com/ ://cdn.imrworldwide.com/ ://aksecure.imrworldwide.com/ ://[^.]*.moatads.com ://youtube[0-9]+.moatpixel.com ://pm.adsafeprotected.com/youtube ://pm.test-adsafeprotected.com/youtube ://e[0-9]+.yt.srs.doubleverify.com www.google.com/pagead/xsul www.youtube.com/pagead/slav".split(" "),ihu=/\bocr\b/;var soV=/(?:\[\|%5B)([a-zA-Z0-9_]+)(?:\]\|%5D)/g;var ZhY=0,uLH=0,Uk1=0;var e0=null,Po=!1,vcy=1,LX=Symbol("SIGNAL"),gE={version:0,lIa:0,d2:!1,F4:void 0,Qw:void 0,mF:void 0,KG:0,uf:void 0,Kg:void 0,bH:!1,pE:!1,kind:"unknown",zbV:function(){return!1}, equals www.youtube.com (Youtube)
Source: chromecache_338.2.dr, chromecache_256.2.dr	String found in binary or memory: function X(a,b){this.v={};this.playerInfo={};this.videoTitle="";this.j=this.g=null;this.h=0;this.m=!1;this.l=[];this.i=null;this.A={};this.options=null;if(!a)throw Error("YouTube player element ID required.");this.id=qa(this);b=Object.assign({title:"video player",videoId:"",width:640,height:360},b\|\|{});var c=document;if(a=typeof a==="string"?c.getElementById(a):a){W.yt_embedsEnableRsaforFromIframeApi&&tb();c=a.tagName.toLowerCase()==="iframe";b.host\|\|(b.host=c?mb(a.src):"https://www.youtube.com");this.options= equals www.youtube.com (Youtube)
Source: chromecache_338.2.dr, chromecache_256.2.dr	String found in binary or memory: function tb(){var a=new rb,b=["https://www.youtube.com"];b=b===void 0?qb:b;oa(function(c){switch(c.g){case 1:return C(c,sb(),2);case 2:if(!c.m){c.g=3;break}return C(c,Promise.all(b.map(function(d){var g;return oa(function(k){if(k.g==1)return k.l=2,C(k,navigator.permissions.query({name:"top-level-storage-access",requestedOrigin:d}),4);k.g!=2?(g=k.m,g.state==="prompt"&&a.g.push(d),k.g=0,k.l=0):(k.l=0,k.i=null,k.g=0)})})),4); equals www.youtube.com (Youtube)
Source: chromecache_396.2.dr, chromecache_326.2.dr	String found in binary or memory: g.GM=function(p){var C=g.zM(p);Ha9.includes(C)&&(C="www.youtube.com");return p.protocol+"://"+C}; equals www.youtube.com (Youtube)
Source: chromecache_326.2.dr	String found in binary or memory: g.h.getVideoUrl=function(p,C,V,N,H,X,d){C={list:C};V&&(H?C.time_continue=V:C.t=V);V=d?"music.youtube.com":g.zM(this);H=V==="www.youtube.com";!X&&N&&H?X="https://youtu.be/"+p:g.yj(this)?(X="https://"+V+"/fire",C.v=p):(X&&H?(X=this.protocol+"://"+V+"/shorts/"+p,N&&(C.feature="share")):(X=this.protocol+"://"+V+"/watch",C.v=p),BW&&(p=LGj())&&(C.ebc=p));return g.GD(X,C)}; equals www.youtube.com (Youtube)
Source: chromecache_396.2.dr, chromecache_326.2.dr	String found in binary or memory: g.zM=function(p){p=AR(p.Vn);return p==="www.youtube-nocookie.com"?"www.youtube.com":p}; equals www.youtube.com (Youtube)
Source: chromecache_276.2.dr, chromecache_340.2.dr	String found in binary or memory: gd.TABSET_PANELCONTAINER="glue-tabs__panelgroup";gd.TABSET_PAGE="glue-tabs__panel";var hd,id=hd\|\|(hd={});id.PANELS_KEY="data-glue-expansion-panels-key";id.TOGGLEFOR="data-glue-expansion-panel-toggle-for";id.INITIAL="data-glue-expansion-panel-initial";var jd,kd=jd\|\|(jd={});kd.MISSING_PAGE_LIST="No element with glue-tabpanels__page-list class was found. TabPanels requires a Panels Page List";kd.MISSING_PANEL_LIST="No element with glue-tabpanels__panel-list class was found. TabPanels requires a Panel List";var ld;(ld\|\|(ld={})).IFRAME_SCRIPT_URL="https://www.youtube.com/iframe_api";var md,nd=md\|\|(md={});nd.YT_IFRAME_READY_EVENT="onYouTubeIframeAPIReady";nd.API_INITIALIZED="glue.ui.ytVideo.IframeApiInitalized";nd.IS_VISIBLE="glue.isVisible";nd.IS_HIDDEN="glue.isHidden";var od,pd=od\|\|(od={});pd.VIDEO_ID="glueYtVideoId";pd.PLAYER_ID="glueYtPlayerId";pd.HEIGHT="glueYtVideoHeight";pd.WIDTH="glueYtVideoWidth";pd.PLAYER_VARS="glueYtVideoPlayerVars";function qd(){this.apiInitialized=this.isApiReady();this.videoObjects=new Map;this.init()}qd.getManager=function(){qd.instance\|\|(qd.instance=new qd);return qd.instance};qd.destroyManager=function(){qd.instance=void 0}; equals www.youtube.com (Youtube)
Source: chromecache_319.2.dr, chromecache_235.2.dr, chromecache_320.2.dr, chromecache_339.2.dr	String found in binary or memory: inline:{css:1},disableRealtimeCallback:!1,drive_share:{skipInitCommand:!0},csi:{rate:.01},client:{cors:!1},signInDeprecation:{rate:0},include_granted_scopes:!0,llang:"en",iframes:{youtube:{params:{location:["search","hash"]},url:":socialhost:/:session_prefix:_/widget/render/youtube?usegapi=1",methods:["scroll","openwindow"]},ytsubscribe:{url:"https://www.youtube.com/subscribe_embed?usegapi=1"},plus_circle:{params:{url:""},url:":socialhost:/:session_prefix::se:_/widget/plus/circle?usegapi=1"}, equals www.youtube.com (Youtube)
Source: chromecache_326.2.dr	String found in binary or memory: p))):this.api.K().G("enable_adb_handling_in_sabr")&&V==="BROWSER_OR_EXTENSION_ERROR"&&!N.Y?(N=N.hostLanguage,p="//support.google.com/youtube/answer/3037019#zippy=%2Cupdate-your-browser-and-check-your-extensions",N&&(p=g.GD(p,{hl:N})),this.Jc(j4(this,"BROWSER_OR_EXTENSION_ERROR",p))):this.Jc(g.pZ(p.errorMessage)):this.Jc(j4(this,"HTML5_NO_AVAILABLE_FORMATS_FALLBACK_WITH_LINK_SHORT","//www.youtube.com/supported_browsers")):(p=N.hostLanguage,V="//support.google.com/youtube/?p=player_error1",p&&(V=g.GD(V, equals www.youtube.com (Youtube)
Source: chromecache_396.2.dr, chromecache_326.2.dr	String found in binary or memory: p.details.rc!=="429"?p.errorCode==="ump.spsrejectfailure"&&(H="HTML5_SPS_UMP_STATUS_REJECTED"):(H="TOO_MANY_REQUESTS",X="6");this.Ta.a_(p.errorCode,p.severity,H,yu(p.details),X)}else this.Ta.publish("nonfatalerror",p),N=/^pp/.test(this.videoData.clientPlaybackNonce),this.oN(p.errorCode,p.details),N&&p.errorCode==="manifest.net.connect"&&(p="https://www.youtube.com/generate_204?cpn="+this.videoData.clientPlaybackNonce+"&t="+(0,g.Ip)(),kv(p,"manifest",function(d){C.Y=!0;C.k_("pathprobe",d)},function(d){C.oN(d.errorCode, equals www.youtube.com (Youtube)
Source: chromecache_276.2.dr, chromecache_340.2.dr	String found in binary or memory: qd.prototype.init=function(){var a=this,c=new Event("Event");c.initEvent(md.API_INITIALIZED,!0,!1);this.apiInitialized?document.dispatchEvent(c):this.apiInitPromise=new Promise(function(e){window.onYouTubeIframeAPIReady=function(){a.apiInitialized=!0;document.dispatchEvent(c);e()}});if(!window.YT){var d=document.createElement("script");document.body.appendChild(d);d.src="https://www.youtube.com/iframe_api"}};qd.prototype.isApiReady=function(){return"object"===typeof window.YT&&"function"===typeof window.YT.Player}; equals www.youtube.com (Youtube)
Source: chromecache_355.2.dr, chromecache_278.2.dr, chromecache_389.2.dr, chromecache_237.2.dr	String found in binary or memory: return b}VD.F="internal.enableAutoEventOnTimer";var Vb=wa(["data-gtm-yt-inspected-"]),XD=["www.youtube.com","www.youtube-nocookie.com"],YD,ZD=!1; equals www.youtube.com (Youtube)
Source: chromecache_326.2.dr	String found in binary or memory: this.KS=!this.va;this.enabledEngageTypes=new Set;this.deviceIsAudioOnly=!(C==null\|\|!C.deviceIsAudioOnly);this.I6=sB(this.I6,p.ismb);this.MR?(M=p.vss_host\|\|"s.youtube.com",M==="s.youtube.com"&&(M=AR(this.Vn)\|\|"www.youtube.com")):M="video.google.com";this.jS=M;og(this,p,!0);this.vr=new CI;g.R(this,this.vr);T=C?C.innertubeApiKey:a_("",p.innertube_api_key);c=C?C.innertubeApiVersion:a_("",p.innertube_api_version);M=C?C.innertubeContextClientVersion:a_("",p.innertube_context_client_version);T=g.pO("INNERTUBE_API_KEY")\|\| equals www.youtube.com (Youtube)
Source: chromecache_396.2.dr, chromecache_326.2.dr	String found in binary or memory: this.yn.sY&&(p.authuser=this.yn.sY);this.yn.pageId&&(p.pageid=this.yn.pageId);isNaN(this.cryptoPeriodIndex)\|\|(p.cpi=this.cryptoPeriodIndex.toString());var H=(H=/_(TV\|STB\|GAME\|OTT\|ATV\|BDP)_/.exec(g.f0()))?H[1]:"";H==="ATV"&&(p.cdt=H);this.W=p;this.W.session_id=N;this.a$=!0;this.C.flavor==="widevine"&&(this.W.hdr="1");this.C.flavor==="playready"&&(C=Number(Wb(C.experiments,"playready_first_play_expiration")),!isNaN(C)&&C>=0&&(this.W.mfpe=""+C),this.a$=!1);C="";g.o5(this.C)?Az(this.C)?(N=V.C)&&(C="https://www.youtube.com/api/drm/fps?ek="+ equals www.youtube.com (Youtube)
Source: chromecache_373.2.dr	String found in binary or memory: var scriptUrl = 'https:\/\/www.youtube.com\/s\/player\/03dbdfab\/www-widgetapi.vflset\/www-widgetapi.js';try{var ttPolicy=window.trustedTypes.createPolicy("youtube-widget-api",{createScriptURL:function(x){return x}});scriptUrl=ttPolicy.createScriptURL(scriptUrl)}catch(e){}var YT;if(!window["YT"])YT={loading:0,loaded:0};var YTConfig;if(!window["YTConfig"])YTConfig={"host":"https://www.youtube.com"}; equals www.youtube.com (Youtube)
Source: chromecache_396.2.dr, chromecache_326.2.dr	String found in binary or memory: var uk={};var fmP={YE:[{Rn:/Unable to load player module/,weight:20},{Rn:/Failed to fetch/,weight:500},{Rn:/XHR API fetch failed/,weight:10},{Rn:/JSON parsing failed after XHR fetch/,weight:10},{Rn:/Retrying OnePlatform request/,weight:10},{Rn:/CSN Missing or undefined during playback association/,weight:100},{Rn:/Non-recoverable error. Do not retry./,weight:0},{Rn:/Internal Error. Retry with an exponential backoff./,weight:0},{Rn:/API disabled by application./,weight:0}],y8:[{callback:cu9,weight:500}]};var fPX=/[&\?]action_proxy=1/,UJs=/[&\?]token=([\w-])/,OLY=/[&\?]video_id=([\w-])/,yuQ=/[&\?]index=([\d-])/,qqv=/[&\?]m_pos_ms=([\d-])/,bLy=/[&\?]vvt=([\w-]*)/,mJV="ca_type dt el flash u_tz u_his u_h u_w u_ah u_aw u_cd u_nplug u_nmime frm u_java bc bih biw brdim vis wgl".split(" "),IPH="www.youtube-nocookie.com youtube-nocookie.com www.youtube-nocookie.com:443 youtube.googleapis.com www.youtubeedu.com www.youtubeeducation.com video.google.com redirector.gvt1.com".split(" "),SqX={android:"ANDROID", equals www.youtube.com (Youtube)

Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: archivofdb.online
Source: global traffic	DNS traffic detected: DNS query: is.gd
Source: global traffic	DNS traffic detected: DNS query: 77.33.109.208.host.secureserver.net
Source: global traffic	DNS traffic detected: DNS query: google.com
Source: global traffic	DNS traffic detected: DNS query: ogs.google.com
Source: global traffic	DNS traffic detected: DNS query: apis.google.com
Source: global traffic	DNS traffic detected: DNS query: play.google.com
Source: global traffic	DNS traffic detected: DNS query: about.google
Source: global traffic	DNS traffic detected: DNS query: lh3.googleusercontent.com
Source: global traffic	DNS traffic detected: DNS query: www.blog.google
Source: global traffic	DNS traffic detected: DNS query: blog.google
Source: global traffic	DNS traffic detected: DNS query: www.youtube.com
Source: global traffic	DNS traffic detected: DNS query: csp.withgoogle.com
Source: global traffic	DNS traffic detected: DNS query: scone-pa.clients6.google.com
Source: global traffic	DNS traffic detected: DNS query: i.ytimg.com
Source: global traffic	DNS traffic detected: DNS query: googleads.g.doubleclick.net
Source: global traffic	DNS traffic detected: DNS query: static.doubleclick.net
Source: global traffic	DNS traffic detected: DNS query: yt3.ggpht.com

File type:	HTML document, ASCII text, with very long lines (504), with CRLF line terminators
Entropy (8bit):	5.368697271326724
TrID:	HyperText Markup Language (13003/1) 100.00%
File name:	FACTURAMAIL.html
File size:	6'512 bytes
MD5:	97bf8733d8d0f3122b7780a8fdc1c2d7
SHA1:	a940b99f353ed649d05b72e169253d1497ddc25a
SHA256:	de285b9f73391d5476dbe764acdd14be8a95df42d16a26df8e7299c785d0e234
SHA512:	ad88ef80b2e5851139a5cdb0da1a4c89abd661e28a10c18b5c130554ebc945d050df90584796cb635a9ba7a2090bedf6cf4568327ffa2218b5bb42c9ec72d133
SSDEEP:	96:PS7LXkP0LASIQy4x/4ZXDqoz9EEWHUVEy0Erj:PSvXa0M+y4xKzNxrVMC
TLSH:	D6D1642B5C539C2A56B342F4D471E78AD0819209EB43DD95E6F01BCBB3D0FDA984B349
File Content Preview:	..<!DOCTYPE html>..<html class="js windows webkit chrome chrome121 page-dereferrer themegroup-unifiedmailcomblue iac theme-mailcomblue" id="html-tag" theme="mailcomblue" lang="en-US">..<head><meta http-equiv="Content-Type" content="text/html; charset=UTF-

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class	DNS over HTTPS
Jan 7, 2025 18:01:13.682909012 CET	192.168.2.4	1.1.1.1	0x46f9	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Jan 7, 2025 18:01:13.683470964 CET	192.168.2.4	1.1.1.1	0xeb81	Standard query (0)	www.google.com	65	IN (0x0001)	false
Jan 7, 2025 18:01:40.049983025 CET	192.168.2.4	1.1.1.1	0x7dcf	Standard query (0)	archivofdb.online	A (IP address)	IN (0x0001)	false
Jan 7, 2025 18:01:40.050196886 CET	192.168.2.4	1.1.1.1	0x8a75	Standard query (0)	archivofdb.online	65	IN (0x0001)	false
Jan 7, 2025 18:01:40.784998894 CET	192.168.2.4	1.1.1.1	0xee53	Standard query (0)	is.gd	A (IP address)	IN (0x0001)	false
Jan 7, 2025 18:01:40.785178900 CET	192.168.2.4	1.1.1.1	0x849a	Standard query (0)	is.gd	65	IN (0x0001)	false
Jan 7, 2025 18:01:41.572757959 CET	192.168.2.4	1.1.1.1	0xc31d	Standard query (0)	77.33.109.208.host.secureserver.net	A (IP address)	IN (0x0001)	false
Jan 7, 2025 18:01:41.573415995 CET	192.168.2.4	1.1.1.1	0x3c2e	Standard query (0)	77.33.109.208.host.secureserver.net	65	IN (0x0001)	false
Jan 7, 2025 18:01:42.479866028 CET	192.168.2.4	1.1.1.1	0x73bc	Standard query (0)	google.com	A (IP address)	IN (0x0001)	false
Jan 7, 2025 18:01:42.480180979 CET	192.168.2.4	1.1.1.1	0x1cf5	Standard query (0)	google.com	65	IN (0x0001)	false
Jan 7, 2025 18:01:45.523370028 CET	192.168.2.4	1.1.1.1	0x4cf	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Jan 7, 2025 18:01:45.523881912 CET	192.168.2.4	1.1.1.1	0x2307	Standard query (0)	www.google.com	65	IN (0x0001)	false
Jan 7, 2025 18:01:47.847595930 CET	192.168.2.4	1.1.1.1	0xbff	Standard query (0)	ogs.google.com	A (IP address)	IN (0x0001)	false
Jan 7, 2025 18:01:47.848160028 CET	192.168.2.4	1.1.1.1	0x2e6a	Standard query (0)	ogs.google.com	65	IN (0x0001)	false
Jan 7, 2025 18:01:47.860759974 CET	192.168.2.4	1.1.1.1	0xd5c6	Standard query (0)	apis.google.com	A (IP address)	IN (0x0001)	false
Jan 7, 2025 18:01:47.861145020 CET	192.168.2.4	1.1.1.1	0x64ce	Standard query (0)	apis.google.com	65	IN (0x0001)	false
Jan 7, 2025 18:01:48.896492004 CET	192.168.2.4	1.1.1.1	0x6538	Standard query (0)	play.google.com	A (IP address)	IN (0x0001)	false
Jan 7, 2025 18:01:48.896651983 CET	192.168.2.4	1.1.1.1	0x3216	Standard query (0)	play.google.com	65	IN (0x0001)	false
Jan 7, 2025 18:01:49.458646059 CET	192.168.2.4	1.1.1.1	0x4b11	Standard query (0)	apis.google.com	A (IP address)	IN (0x0001)	false
Jan 7, 2025 18:01:49.458794117 CET	192.168.2.4	1.1.1.1	0xd0db	Standard query (0)	apis.google.com	65	IN (0x0001)	false
Jan 7, 2025 18:01:49.941417933 CET	192.168.2.4	1.1.1.1	0x8797	Standard query (0)	play.google.com	A (IP address)	IN (0x0001)	false
Jan 7, 2025 18:01:49.941730976 CET	192.168.2.4	1.1.1.1	0x1a3c	Standard query (0)	play.google.com	65	IN (0x0001)	false
Jan 7, 2025 18:02:03.040879965 CET	192.168.2.4	1.1.1.1	0x6d80	Standard query (0)	about.google	A (IP address)	IN (0x0001)	false
Jan 7, 2025 18:02:03.040997982 CET	192.168.2.4	1.1.1.1	0xb611	Standard query (0)	about.google	65	IN (0x0001)	false
Jan 7, 2025 18:02:05.153347015 CET	192.168.2.4	1.1.1.1	0x78c1	Standard query (0)	lh3.googleusercontent.com	A (IP address)	IN (0x0001)	false
Jan 7, 2025 18:02:05.153503895 CET	192.168.2.4	1.1.1.1	0x289b	Standard query (0)	lh3.googleusercontent.com	65	IN (0x0001)	false
Jan 7, 2025 18:02:05.481761932 CET	192.168.2.4	1.1.1.1	0x1715	Standard query (0)	about.google	A (IP address)	IN (0x0001)	false
Jan 7, 2025 18:02:05.481918097 CET	192.168.2.4	1.1.1.1	0xdd8f	Standard query (0)	about.google	65	IN (0x0001)	false
Jan 7, 2025 18:02:06.380229950 CET	192.168.2.4	1.1.1.1	0xdd7d	Standard query (0)	lh3.googleusercontent.com	A (IP address)	IN (0x0001)	false
Jan 7, 2025 18:02:06.380429029 CET	192.168.2.4	1.1.1.1	0xde73	Standard query (0)	lh3.googleusercontent.com	65	IN (0x0001)	false
Jan 7, 2025 18:02:06.442450047 CET	192.168.2.4	1.1.1.1	0x6ad7	Standard query (0)	www.blog.google	A (IP address)	IN (0x0001)	false
Jan 7, 2025 18:02:06.442686081 CET	192.168.2.4	1.1.1.1	0x80f7	Standard query (0)	www.blog.google	65	IN (0x0001)	false
Jan 7, 2025 18:02:08.279114962 CET	192.168.2.4	1.1.1.1	0x1ea9	Standard query (0)	blog.google	A (IP address)	IN (0x0001)	false
Jan 7, 2025 18:02:08.279336929 CET	192.168.2.4	1.1.1.1	0x3494	Standard query (0)	blog.google	65	IN (0x0001)	false
Jan 7, 2025 18:02:08.600503922 CET	192.168.2.4	1.1.1.1	0xf32c	Standard query (0)	www.youtube.com	A (IP address)	IN (0x0001)	false
Jan 7, 2025 18:02:08.600634098 CET	192.168.2.4	1.1.1.1	0x1538	Standard query (0)	www.youtube.com	65	IN (0x0001)	false
Jan 7, 2025 18:02:08.601886034 CET	192.168.2.4	1.1.1.1	0x48db	Standard query (0)	apis.google.com	A (IP address)	IN (0x0001)	false
Jan 7, 2025 18:02:08.602066994 CET	192.168.2.4	1.1.1.1	0xa02c	Standard query (0)	apis.google.com	65	IN (0x0001)	false
Jan 7, 2025 18:02:09.050322056 CET	192.168.2.4	1.1.1.1	0x914e	Standard query (0)	blog.google	A (IP address)	IN (0x0001)	false
Jan 7, 2025 18:02:09.050472975 CET	192.168.2.4	1.1.1.1	0xad86	Standard query (0)	blog.google	65	IN (0x0001)	false
Jan 7, 2025 18:02:09.060091972 CET	192.168.2.4	1.1.1.1	0x4e13	Standard query (0)	csp.withgoogle.com	A (IP address)	IN (0x0001)	false
Jan 7, 2025 18:02:09.060132980 CET	192.168.2.4	1.1.1.1	0xc3c7	Standard query (0)	csp.withgoogle.com	65	IN (0x0001)	false
Jan 7, 2025 18:02:09.549354076 CET	192.168.2.4	1.1.1.1	0x3391	Standard query (0)	www.youtube.com	A (IP address)	IN (0x0001)	false
Jan 7, 2025 18:02:09.549525976 CET	192.168.2.4	1.1.1.1	0xe667	Standard query (0)	www.youtube.com	65	IN (0x0001)	false
Jan 7, 2025 18:02:11.231426001 CET	192.168.2.4	1.1.1.1	0xd857	Standard query (0)	www.youtube.com	A (IP address)	IN (0x0001)	false
Jan 7, 2025 18:02:11.232353926 CET	192.168.2.4	1.1.1.1	0xefb	Standard query (0)	www.youtube.com	65	IN (0x0001)	false
Jan 7, 2025 18:02:11.353799105 CET	192.168.2.4	1.1.1.1	0xd8b3	Standard query (0)	scone-pa.clients6.google.com	A (IP address)	IN (0x0001)	false
Jan 7, 2025 18:02:11.354218960 CET	192.168.2.4	1.1.1.1	0xc2ae	Standard query (0)	scone-pa.clients6.google.com	65	IN (0x0001)	false
Jan 7, 2025 18:02:12.367733955 CET	192.168.2.4	1.1.1.1	0x3ef5	Standard query (0)	apis.google.com	A (IP address)	IN (0x0001)	false
Jan 7, 2025 18:02:12.367903948 CET	192.168.2.4	1.1.1.1	0x6070	Standard query (0)	apis.google.com	65	IN (0x0001)	false
Jan 7, 2025 18:02:12.466268063 CET	192.168.2.4	1.1.1.1	0x8e69	Standard query (0)	i.ytimg.com	A (IP address)	IN (0x0001)	false
Jan 7, 2025 18:02:12.466558933 CET	192.168.2.4	1.1.1.1	0x5c43	Standard query (0)	i.ytimg.com	65	IN (0x0001)	false
Jan 7, 2025 18:02:15.823095083 CET	192.168.2.4	1.1.1.1	0x5f08	Standard query (0)	scone-pa.clients6.google.com	A (IP address)	IN (0x0001)	false
Jan 7, 2025 18:02:15.823435068 CET	192.168.2.4	1.1.1.1	0x834	Standard query (0)	scone-pa.clients6.google.com	65	IN (0x0001)	false
Jan 7, 2025 18:02:16.476315975 CET	192.168.2.4	1.1.1.1	0xdfd7	Standard query (0)	googleads.g.doubleclick.net	A (IP address)	IN (0x0001)	false
Jan 7, 2025 18:02:16.476509094 CET	192.168.2.4	1.1.1.1	0x56e0	Standard query (0)	googleads.g.doubleclick.net	65	IN (0x0001)	false
Jan 7, 2025 18:02:16.485416889 CET	192.168.2.4	1.1.1.1	0x9fe9	Standard query (0)	static.doubleclick.net	A (IP address)	IN (0x0001)	false
Jan 7, 2025 18:02:16.485577106 CET	192.168.2.4	1.1.1.1	0x7fc	Standard query (0)	static.doubleclick.net	65	IN (0x0001)	false
Jan 7, 2025 18:02:16.627723932 CET	192.168.2.4	1.1.1.1	0xa8e	Standard query (0)	yt3.ggpht.com	A (IP address)	IN (0x0001)	false
Jan 7, 2025 18:02:16.646492958 CET	192.168.2.4	1.1.1.1	0x2a64	Standard query (0)	yt3.ggpht.com	65	IN (0x0001)	false
Jan 7, 2025 18:02:16.967268944 CET	192.168.2.4	1.1.1.1	0xd1ca	Standard query (0)	i.ytimg.com	A (IP address)	IN (0x0001)	false
Jan 7, 2025 18:02:16.967861891 CET	192.168.2.4	1.1.1.1	0x50e3	Standard query (0)	i.ytimg.com	65	IN (0x0001)	false
Jan 7, 2025 18:02:17.424516916 CET	192.168.2.4	1.1.1.1	0x87fa	Standard query (0)	static.doubleclick.net	A (IP address)	IN (0x0001)	false
Jan 7, 2025 18:02:17.424731970 CET	192.168.2.4	1.1.1.1	0xc95	Standard query (0)	static.doubleclick.net	65	IN (0x0001)	false
Jan 7, 2025 18:02:17.494297981 CET	192.168.2.4	1.1.1.1	0xfd2b	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Jan 7, 2025 18:02:17.494560003 CET	192.168.2.4	1.1.1.1	0x576a	Standard query (0)	www.google.com	65	IN (0x0001)	false
Jan 7, 2025 18:02:17.780486107 CET	192.168.2.4	1.1.1.1	0xabfd	Standard query (0)	yt3.ggpht.com	A (IP address)	IN (0x0001)	false
Jan 7, 2025 18:02:17.780637026 CET	192.168.2.4	1.1.1.1	0x8621	Standard query (0)	yt3.ggpht.com	65	IN (0x0001)	false
Jan 7, 2025 18:02:18.387178898 CET	192.168.2.4	1.1.1.1	0x18ab	Standard query (0)	googleads.g.doubleclick.net	A (IP address)	IN (0x0001)	false
Jan 7, 2025 18:02:18.387547016 CET	192.168.2.4	1.1.1.1	0xe960	Standard query (0)	googleads.g.doubleclick.net	65	IN (0x0001)	false
Jan 7, 2025 18:02:19.760343075 CET	192.168.2.4	1.1.1.1	0x5c86	Standard query (0)	play.google.com	A (IP address)	IN (0x0001)	false
Jan 7, 2025 18:02:19.760694027 CET	192.168.2.4	1.1.1.1	0xd2c6	Standard query (0)	play.google.com	65	IN (0x0001)	false
Jan 7, 2025 18:03:11.802093029 CET	192.168.2.4	1.1.1.1	0xba0e	Standard query (0)	play.google.com	A (IP address)	IN (0x0001)	false
Jan 7, 2025 18:03:11.802390099 CET	192.168.2.4	1.1.1.1	0xe04	Standard query (0)	play.google.com	65	IN (0x0001)	false
Jan 7, 2025 18:03:41.576972961 CET	192.168.2.4	1.1.1.1	0xae	Standard query (0)	play.google.com	A (IP address)	IN (0x0001)	false
Jan 7, 2025 18:03:41.577258110 CET	192.168.2.4	1.1.1.1	0xd86f	Standard query (0)	play.google.com	65	IN (0x0001)	false
Jan 7, 2025 18:04:05.425664902 CET	192.168.2.4	1.1.1.1	0xe90f	Standard query (0)	about.google	A (IP address)	IN (0x0001)	false
Jan 7, 2025 18:04:05.425796986 CET	192.168.2.4	1.1.1.1	0x70e8	Standard query (0)	about.google	65	IN (0x0001)	false
Jan 7, 2025 18:04:05.463610888 CET	192.168.2.4	1.1.1.1	0x9bd5	Standard query (0)	www.youtube.com	A (IP address)	IN (0x0001)	false
Jan 7, 2025 18:04:05.463922024 CET	192.168.2.4	1.1.1.1	0xc5a	Standard query (0)	www.youtube.com	65	IN (0x0001)	false
Jan 7, 2025 18:04:06.833733082 CET	192.168.2.4	1.1.1.1	0xdc26	Standard query (0)	blog.google	A (IP address)	IN (0x0001)	false
Jan 7, 2025 18:04:06.833901882 CET	192.168.2.4	1.1.1.1	0x79ed	Standard query (0)	blog.google	65	IN (0x0001)	false
Jan 7, 2025 18:04:07.882689953 CET	192.168.2.4	1.1.1.1	0x10d3	Standard query (0)	scone-pa.clients6.google.com	A (IP address)	IN (0x0001)	false
Jan 7, 2025 18:04:07.882843018 CET	192.168.2.4	1.1.1.1	0xd438	Standard query (0)	scone-pa.clients6.google.com	65	IN (0x0001)	false
Jan 7, 2025 18:04:08.541048050 CET	192.168.2.4	1.1.1.1	0x31f3	Standard query (0)	i.ytimg.com	A (IP address)	IN (0x0001)	false
Jan 7, 2025 18:04:08.541205883 CET	192.168.2.4	1.1.1.1	0xde65	Standard query (0)	i.ytimg.com	65	IN (0x0001)	false
Jan 7, 2025 18:04:08.625910044 CET	192.168.2.4	1.1.1.1	0xfa4c	Standard query (0)	googleads.g.doubleclick.net	A (IP address)	IN (0x0001)	false
Jan 7, 2025 18:04:08.626055956 CET	192.168.2.4	1.1.1.1	0xea52	Standard query (0)	googleads.g.doubleclick.net	65	IN (0x0001)	false
Jan 7, 2025 18:04:11.529035091 CET	192.168.2.4	1.1.1.1	0x9c40	Standard query (0)	scone-pa.clients6.google.com	A (IP address)	IN (0x0001)	false
Jan 7, 2025 18:04:11.529221058 CET	192.168.2.4	1.1.1.1	0xc324	Standard query (0)	scone-pa.clients6.google.com	65	IN (0x0001)	false
Jan 7, 2025 18:04:12.625940084 CET	192.168.2.4	1.1.1.1	0x387f	Standard query (0)	play.google.com	A (IP address)	IN (0x0001)	false
Jan 7, 2025 18:04:12.632128954 CET	192.168.2.4	1.1.1.1	0xe882	Standard query (0)	play.google.com	65	IN (0x0001)	false

Timestamp	Bytes transferred	Direction	Data
2025-01-07 17:01:11 UTC	589	OUT	GET /3c-cdn/mail/client/wicket/resource/static-res/---/normalize-vEr-C4993EF0FA346DF36C229DFCB913BBD3.css HTTP/1.1 Host: s.uicdn.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-07 17:01:11 UTC	472	IN	HTTP/1.1 200 OK Server: nginx Content-Type: text/css Content-Length: 2215 X-Robots-Tag: noindex, nofollow Last-Modified: Friday, 11-Oct-2024 15:59:01 GMT Pragma: cache Content-Disposition: inline Accept-Range: bytes Access-Control-Allow-Origin: * Access-Control-Allow-Methods: POST, GET, OPTIONS Access-Control-Max-Age: 1728000 X-Content-Type-Options: nosniff Cache-Control: public, max-age=31125877 Date: Tue, 07 Jan 2025 17:01:11 GMT Connection: close
2025-01-07 17:01:11 UTC	2215	IN	Data Raw: 2f 2a 21 20 6e 6f 72 6d 61 6c 69 7a 65 2e 63 73 73 20 76 31 2e 30 2e 31 20 7c 20 4d 49 54 20 4c 69 63 65 6e 73 65 20 7c 20 67 69 74 2e 69 6f 2f 6e 6f 72 6d 61 6c 69 7a 65 20 2a 2f 61 72 74 69 63 6c 65 2c 61 73 69 64 65 2c 64 65 74 61 69 6c 73 2c 66 69 67 63 61 70 74 69 6f 6e 2c 66 69 67 75 72 65 2c 66 6f 6f 74 65 72 2c 68 65 61 64 65 72 2c 68 67 72 6f 75 70 2c 6e 61 76 2c 73 65 63 74 69 6f 6e 2c 73 75 6d 6d 61 72 79 7b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 7d 61 75 64 69 6f 2c 63 61 6e 76 61 73 2c 76 69 64 65 6f 7b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 7d 61 75 64 69 6f 3a 6e 6f 74 28 5b 63 6f 6e 74 72 6f 6c 73 5d 29 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 68 65 69 67 68 74 3a 30 7d 5b 68 69 64 64 65 6e 5d 7b 64 69 73 70 6c 61 79 Data Ascii: /! normalize.css v1.0.1 \| MIT License \| git.io/normalize /article,aside,details,figcaption,figure,footer,header,hgroup,nav,section,summary{display:block}audio,canvas,video{display:inline-block}audio:not([controls]){display:none;height:0}[hidden]{display

Timestamp	Bytes transferred	Direction	Data
2025-01-07 17:01:11 UTC	529	OUT	GET /fd-cdn/lux-0.1.55/build/css/mail_com.css HTTP/1.1 Host: s.uicdn.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-07 17:01:11 UTC	288	IN	HTTP/1.1 200 OK Access-Control-Allow-Origin: * Content-Type: text/css ETag: "195f-5bd52c125c840-gzip" Last-Modified: Fri, 12 Mar 2021 08:33:29 GMT Server: Apache Cache-Control: public, max-age=1479014 Date: Tue, 07 Jan 2025 17:01:11 GMT Content-Length: 6495 Connection: close
2025-01-07 17:01:11 UTC	6495	IN	Data Raw: 3a 72 6f 6f 74 20 7b 0a 20 20 2d 2d 63 6f 6c 6f 72 2d 61 3a 20 23 30 30 34 37 38 38 3b 0a 20 20 2d 2d 63 6f 6c 6f 72 2d 61 2d 64 31 30 3a 20 23 30 30 34 30 37 61 3b 0a 20 20 2d 2d 63 6f 6c 6f 72 2d 61 2d 64 32 30 3a 20 23 30 30 33 39 36 64 3b 0a 20 20 2d 2d 63 6f 6c 6f 72 2d 61 2d 6c 31 35 3a 20 23 32 36 36 33 39 61 3b 0a 20 20 2d 2d 63 6f 6c 6f 72 2d 61 2d 6c 33 30 3a 20 23 34 64 37 65 61 63 3b 0a 20 20 2d 2d 63 6f 6c 6f 72 2d 61 2d 6c 34 30 3a 20 23 36 36 39 31 62 38 3b 0a 20 20 2d 2d 63 6f 6c 6f 72 2d 61 2d 6c 35 30 3a 20 23 38 30 61 33 63 34 3b 0a 20 20 2d 2d 63 6f 6c 6f 72 2d 61 2d 6c 37 30 3a 20 23 62 33 63 38 64 62 3b 0a 20 20 2d 2d 63 6f 6c 6f 72 2d 61 2d 6c 38 32 3a 20 23 64 31 64 65 65 61 3b 0a 20 20 2d 2d 63 6f 6c 6f 72 2d 61 2d 6c 39 34 3a 20 Data Ascii: :root { --color-a: #004788; --color-a-d10: #00407a; --color-a-d20: #00396d; --color-a-l15: #26639a; --color-a-l30: #4d7eac; --color-a-l40: #6691b8; --color-a-l50: #80a3c4; --color-a-l70: #b3c8db; --color-a-l82: #d1deea; --color-a-l94:

Timestamp	Bytes transferred	Direction	Data
2025-01-07 17:01:12 UTC	572	OUT	GET /3c-cdn/mail/client/wicket/resource/static-res/---/js/core-vEr-87B19EB8C947E6FDD4709765CF510815.js HTTP/1.1 Host: s.uicdn.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-07 17:01:12 UTC	487	IN	HTTP/1.1 200 OK Server: nginx Content-Type: application/javascript Content-Length: 61213 X-Robots-Tag: noindex, nofollow Last-Modified: Sunday, 20-Oct-2024 23:17:48 GMT Pragma: cache Content-Disposition: inline Accept-Range: bytes Access-Control-Allow-Origin: * Access-Control-Allow-Methods: POST, GET, OPTIONS Access-Control-Max-Age: 1728000 X-Content-Type-Options: nosniff Cache-Control: public, max-age=29027867 Date: Tue, 07 Jan 2025 17:01:12 GMT Connection: close
2025-01-07 17:01:12 UTC	15897	IN	Data Raw: 6a 51 75 65 72 79 2e 61 6a 61 78 50 72 65 66 69 6c 74 65 72 28 66 75 6e 63 74 69 6f 6e 28 63 29 7b 63 2e 63 72 6f 73 73 44 6f 6d 61 69 6e 26 26 28 63 2e 63 6f 6e 74 65 6e 74 73 2e 73 63 72 69 70 74 3d 21 31 29 7d 29 3b 0a 6a 51 75 65 72 79 2e 65 78 74 65 6e 64 3d 6a 51 75 65 72 79 2e 66 6e 2e 65 78 74 65 6e 64 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 63 2c 64 2c 66 2c 61 3d 61 72 67 75 6d 65 6e 74 73 5b 30 5d 7c 7c 7b 7d 2c 62 3d 31 2c 65 3d 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 2c 67 3d 21 31 3b 22 62 6f 6f 6c 65 61 6e 22 3d 3d 3d 74 79 70 65 6f 66 20 61 26 26 28 67 3d 61 2c 61 3d 61 72 67 75 6d 65 6e 74 73 5b 62 5d 7c 7c 7b 7d 2c 62 2b 2b 29 3b 22 6f 62 6a 65 63 74 22 3d 3d 3d 74 79 70 65 6f 66 20 61 7c 7c 6a 51 75 65 72 79 2e 69 73 46 Data Ascii: jQuery.ajaxPrefilter(function(c){c.crossDomain&&(c.contents.script=!1)});jQuery.extend=jQuery.fn.extend=function(){var c,d,f,a=arguments[0]\|\|{},b=1,e=arguments.length,g=!1;"boolean"===typeof a&&(g=a,a=arguments[b]\|\|{},b++);"object"===typeof a\|\|jQuery.isF
2025-01-07 17:01:12 UTC	16384	IN	Data Raw: 6e 74 73 2e 63 61 6c 6c 65 65 28 63 5b 61 5d 29 3b 69 66 28 63 5b 62 5d 29 72 65 74 75 72 6e 20 65 28 63 5b 62 5d 29 3f 63 5b 62 5d 3a 61 72 67 75 6d 65 6e 74 73 2e 63 61 6c 6c 65 65 28 63 5b 62 5d 29 3b 69 66 28 63 2e 70 61 72 65 6e 74 4e 6f 64 65 29 72 65 74 75 72 6e 20 61 72 67 75 6d 65 6e 74 73 2e 63 61 6c 6c 65 65 28 63 2e 70 61 72 65 6e 74 4e 6f 64 65 2c 21 30 29 7d 7d 2c 68 3d 67 28 22 66 69 72 73 74 43 68 69 6c 64 22 2c 22 6e 65 78 74 53 69 62 6c 69 6e 67 22 29 2c 6b 3d 67 28 22 6c 61 73 74 43 68 69 6c 64 22 2c 22 70 72 65 76 69 6f 75 73 53 69 62 6c 69 6e 67 22 29 2c 6d 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 2c 63 29 7b 76 61 72 20 64 3d 30 3e 63 3f 6b 3a 68 3b 69 66 28 65 28 61 29 29 72 65 74 75 72 6e 20 30 3e 62 2b 63 3f 6c 28 64 28 61 29 2c 62 Data Ascii: nts.callee(c[a]);if(c[b])return e(c[b])?c[b]:arguments.callee(c[b]);if(c.parentNode)return arguments.callee(c.parentNode,!0)}},h=g("firstChild","nextSibling"),k=g("lastChild","previousSibling"),m=function(a,b,c){var d=0>c?k:h;if(e(a))return 0>b+c?l(d(a),b
2025-01-07 17:01:12 UTC	2476	IN	Data Raw: 28 29 7b 76 61 72 20 66 3d 63 2e 44 72 61 67 2e 70 72 6f 74 6f 74 79 70 65 2e 70 6f 73 69 74 69 6f 6e 3b 63 2e 44 72 61 67 2e 70 72 6f 74 6f 74 79 70 65 2e 70 6f 73 69 74 69 6f 6e 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 69 66 28 74 68 69 73 2e 5f 73 74 65 70 29 7b 76 61 72 20 62 3d 74 68 69 73 2e 5f 73 74 65 70 2c 63 3d 62 2e 63 65 6e 74 65 72 26 26 62 2e 63 65 6e 74 65 72 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 2c 67 3d 74 68 69 73 2e 6d 6f 76 69 6e 67 45 6c 65 6d 65 6e 74 2e 64 69 6d 65 6e 73 69 6f 6e 73 76 28 22 6f 75 74 65 72 22 29 2c 68 3d 62 2e 6f 66 66 73 65 74 2e 74 6f 70 28 29 2d 28 63 26 26 22 78 22 21 3d 63 3f 67 2e 68 65 69 67 68 74 28 29 2f 32 3a 30 29 3b 62 3d 62 2e 6f 66 66 73 65 74 2e 6c 65 66 74 28 29 2d 28 63 26 26 22 79 22 21 3d 63 3f Data Ascii: (){var f=c.Drag.prototype.position;c.Drag.prototype.position=function(a){if(this._step){var b=this._step,c=b.center&&b.center.toLowerCase(),g=this.movingElement.dimensionsv("outer"),h=b.offset.top()-(c&&"x"!=c?g.height()/2:0);b=b.offset.left()-(c&&"y"!=c?
2025-01-07 17:01:12 UTC	16384	IN	Data Raw: 2c 63 2e 5f 63 61 63 68 65 29 2e 6c 65 6e 67 74 68 7d 2c 64 65 61 63 74 69 76 61 74 65 3a 66 75 6e 63 74 69 6f 6e 28 61 2c 62 2c 63 29 7b 62 2e 6f 75 74 28 63 2c 61 29 3b 61 2e 63 61 6c 6c 48 61 6e 64 6c 65 72 73 28 74 68 69 73 2e 6c 6f 77 65 72 4e 61 6d 65 2b 22 6f 75 74 22 2c 61 2e 65 6c 65 6d 65 6e 74 5b 30 5d 2c 63 2c 62 29 7d 2c 61 63 74 69 76 61 74 65 3a 66 75 6e 63 74 69 6f 6e 28 61 2c 62 2c 63 29 7b 62 2e 6f 76 65 72 28 63 2c 61 29 3b 61 2e 63 61 6c 6c 48 61 6e 64 6c 65 72 73 28 74 68 69 73 2e 6c 6f 77 65 72 4e 61 6d 65 2b 22 6f 76 65 72 22 2c 61 2e 65 6c 65 6d 65 6e 74 5b 30 5d 2c 63 2c 62 29 7d 2c 6d 6f 76 65 3a 66 75 6e 63 74 69 6f 6e 28 61 2c 62 2c 63 29 7b 61 2e 63 61 6c 6c 48 61 6e 64 6c 65 72 73 28 74 68 69 73 2e 6c 6f 77 65 72 4e 61 6d 65 Data Ascii: ,c._cache).length},deactivate:function(a,b,c){b.out(c,a);a.callHandlers(this.lowerName+"out",a.element[0],c,b)},activate:function(a,b,c){b.over(c,a);a.callHandlers(this.lowerName+"over",a.element[0],c,b)},move:function(a,b,c){a.callHandlers(this.lowerName
2025-01-07 17:01:12 UTC	10072	IN	Data Raw: 75 6e 64 65 66 69 6e 65 64 22 21 3d 3d 74 79 70 65 6f 66 20 55 69 6e 74 38 43 6c 61 6d 70 65 64 41 72 72 61 79 26 26 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 3d 74 79 70 65 6f 66 20 69 6d 70 6f 72 74 53 63 72 69 70 74 73 26 26 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 3d 74 79 70 65 6f 66 20 4d 65 73 73 61 67 65 43 68 61 6e 6e 65 6c 2c 42 3d 41 72 72 61 79 28 31 45 33 29 2c 54 3d 76 6f 69 64 20 30 3b 54 3d 4a 3f 64 28 29 3a 51 3f 61 28 29 3a 61 61 3f 62 28 29 3a 76 6f 69 64 20 30 3d 3d 3d 4d 26 26 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 3d 74 79 70 65 6f 66 20 72 65 71 75 69 72 65 3f 68 28 29 3a 65 28 29 3b 76 61 72 20 49 3d 4d 61 74 68 2e 72 61 6e 64 6f 6d 28 29 2e 74 6f 53 74 72 69 6e 67 28 33 36 29 2e 73 75 62 73 74 72 69 6e 67 28 32 29 2c 0a 44 3d 76 6f 69 64 Data Ascii: undefined"!==typeof Uint8ClampedArray&&"undefined"!==typeof importScripts&&"undefined"!==typeof MessageChannel,B=Array(1E3),T=void 0;T=J?d():Q?a():aa?b():void 0===M&&"function"===typeof require?h():e();var I=Math.random().toString(36).substring(2),D=void

Timestamp	Bytes transferred	Direction	Data
2025-01-07 17:01:13 UTC	436	OUT	GET /3c-cdn/mail/client/wicket/resource/static-res/---/js/external-vEr-C4070C3FC386295F261ACFC2E1F4137C.js HTTP/1.1 Host: s.uicdn.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-07 17:01:13 UTC	487	IN	HTTP/1.1 200 OK Server: nginx Content-Type: application/javascript Content-Length: 13963 X-Robots-Tag: noindex, nofollow Last-Modified: Monday, 04-Nov-2024 15:10:29 GMT Pragma: cache Content-Disposition: inline Accept-Range: bytes Access-Control-Allow-Origin: * Access-Control-Allow-Methods: POST, GET, OPTIONS Access-Control-Max-Age: 1728000 X-Content-Type-Options: nosniff Cache-Control: public, max-age=30294686 Date: Tue, 07 Jan 2025 17:01:13 GMT Connection: close
2025-01-07 17:01:13 UTC	13963	IN	Data Raw: 22 6f 62 6a 65 63 74 22 21 3d 3d 74 79 70 65 6f 66 20 70 68 78 2e 74 63 66 26 26 28 70 68 78 2e 74 63 66 3d 7b 7d 29 3b 0a 28 66 75 6e 63 74 69 6f 6e 28 64 29 7b 66 75 6e 63 74 69 6f 6e 20 61 28 61 29 7b 76 61 72 20 62 3d 5b 5d 2c 64 3b 66 6f 72 28 64 20 69 6e 20 61 29 61 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 64 29 26 26 21 30 3d 3d 3d 61 5b 64 5d 26 26 62 2e 70 75 73 68 28 64 29 3b 72 65 74 75 72 6e 22 2c 22 2b 62 2b 22 2c 22 7d 76 61 72 20 62 3d 22 22 2c 66 3d 22 22 2c 67 3d 22 2c 2c 22 2c 6e 3d 22 2c 2c 22 2c 68 3d 22 2c 2c 22 2c 77 3d 22 22 3b 70 68 78 2e 74 63 66 2e 74 72 69 67 67 65 72 43 6f 6c 6c 65 63 74 69 6f 6e 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 64 26 26 28 64 28 22 67 65 74 54 43 53 74 72 69 6e 67 22 2c 32 2c 66 75 6e 63 74 69 6f 6e Data Ascii: "object"!==typeof phx.tcf&&(phx.tcf={});(function(d){function a(a){var b=[],d;for(d in a)a.hasOwnProperty(d)&&!0===a[d]&&b.push(d);return","+b+","}var b="",f="",g=",,",n=",,",h=",,",w="";phx.tcf.triggerCollection=function(){d&&(d("getTCString",2,function

Timestamp	Bytes transferred	Direction	Data
2025-01-07 17:01:13 UTC	436	OUT	GET /3c-cdn/mail/client/wicket/resource/static-res/---/js/behavior-vEr-EC79B77633126C883DE54BCE83B29FF4.js HTTP/1.1 Host: s.uicdn.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-07 17:01:14 UTC	488	IN	HTTP/1.1 200 OK Accept-Range: bytes Access-Control-Allow-Methods: POST, GET, OPTIONS Access-Control-Allow-Origin: * Access-Control-Max-Age: 1728000 Content-Disposition: inline Content-Length: 165413 Content-Type: application/javascript Last-Modified: Monday, 09-Dec-2024 14:17:37 GMT Pragma: cache Server: nginx X-Content-Type-Options: nosniff X-Robots-Tag: noindex, nofollow Cache-Control: public, max-age=29020624 Date: Tue, 07 Jan 2025 17:01:13 GMT Connection: close
2025-01-07 17:01:14 UTC	15896	IN	Data Raw: 76 61 72 20 24 6a 73 63 6f 6d 70 3d 24 6a 73 63 6f 6d 70 7c 7c 7b 7d 3b 24 6a 73 63 6f 6d 70 2e 73 63 6f 70 65 3d 7b 7d 3b 24 6a 73 63 6f 6d 70 2e 61 72 72 61 79 49 74 65 72 61 74 6f 72 49 6d 70 6c 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 76 61 72 20 63 3d 30 3b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 63 3c 61 2e 6c 65 6e 67 74 68 3f 7b 64 6f 6e 65 3a 21 31 2c 76 61 6c 75 65 3a 61 5b 63 2b 2b 5d 7d 3a 7b 64 6f 6e 65 3a 21 30 7d 7d 7d 3b 24 6a 73 63 6f 6d 70 2e 61 72 72 61 79 49 74 65 72 61 74 6f 72 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 7b 6e 65 78 74 3a 24 6a 73 63 6f 6d 70 2e 61 72 72 61 79 49 74 65 72 61 74 6f 72 49 6d 70 6c 28 61 29 7d 7d 3b 24 6a 73 63 6f 6d 70 2e 6d 61 6b 65 49 74 65 72 61 74 6f 72 Data Ascii: var $jscomp=$jscomp\|\|{};$jscomp.scope={};$jscomp.arrayIteratorImpl=function(a){var c=0;return function(){return c<a.length?{done:!1,value:a[c++]}:{done:!0}}};$jscomp.arrayIterator=function(a){return{next:$jscomp.arrayIteratorImpl(a)}};$jscomp.makeIterator
2025-01-07 17:01:14 UTC	16384	IN	Data Raw: 6f 2e 73 70 6c 69 63 65 28 61 2c 31 29 3b 74 68 69 73 2e 69 6e 73 74 61 6e 63 65 73 2e 6c 65 6e 67 74 68 7c 7c 63 2e 72 65 6d 6f 76 65 43 6f 6d 70 6f 6e 65 6e 74 49 6e 66 6f 28 74 68 69 73 29 7d 3b 74 68 69 73 2e 69 73 41 74 74 61 63 68 65 64 54 6f 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 2d 31 3c 74 68 69 73 2e 61 74 74 61 63 68 65 64 54 6f 2e 69 6e 64 65 78 4f 66 28 61 29 7d 7d 66 75 6e 63 74 69 6f 6e 20 64 28 61 29 7b 74 68 69 73 2e 69 6e 73 74 61 6e 63 65 3d 61 3b 74 68 69 73 2e 65 76 65 6e 74 73 3d 5b 5d 3b 74 68 69 73 2e 61 64 64 42 69 6e 64 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 74 68 69 73 2e 65 76 65 6e 74 73 2e 70 75 73 68 28 61 29 3b 63 2e 65 76 65 6e 74 73 2e 70 75 73 68 28 61 29 7d 3b 74 68 69 73 2e 72 65 6d 6f 76 65 42 69 6e Data Ascii: o.splice(a,1);this.instances.length\|\|c.removeComponentInfo(this)};this.isAttachedTo=function(a){return-1<this.attachedTo.indexOf(a)}}function d(a){this.instance=a;this.events=[];this.addBind=function(a){this.events.push(a);c.events.push(a)};this.removeBin
2025-01-07 17:01:14 UTC	2829	IN	Data Raw: 74 64 22 2c 64 2c 68 29 7d 2c 61 62 6f 72 74 3a 66 75 6e 63 74 69 6f 6e 28 62 29 7b 76 61 72 20 64 3d 66 28 62 29 3b 61 28 62 29 2e 6f 6e 65 28 22 6d 6f 75 73 65 6c 65 61 76 65 2e 66 74 64 22 2c 7b 66 74 64 49 64 3a 64 7d 2c 67 29 7d 7d 2c 66 6c 79 6f 75 74 3a 7b 63 6c 6f 73 65 3a 66 75 6e 63 74 69 6f 6e 28 62 29 7b 76 61 72 20 64 3d 66 28 62 29 3b 76 61 72 20 63 3d 7b 66 74 64 49 64 3a 64 7d 3b 61 28 22 23 22 2b 64 29 2e 6f 6e 28 22 63 6c 69 63 6b 2e 66 74 64 22 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 61 2e 73 74 6f 70 50 72 6f 70 61 67 61 74 69 6f 6e 28 29 7d 29 3b 61 28 64 6f 63 75 6d 65 6e 74 29 2e 6f 6e 65 28 22 63 6c 69 63 6b 2e 66 74 64 22 2c 63 2c 68 29 3b 61 28 62 29 2e 63 6c 6f 73 65 73 74 28 22 2e 6a 73 2d 73 63 72 6f 6c 6c 2d 70 61 6e 65 22 29 Data Ascii: td",d,h)},abort:function(b){var d=f(b);a(b).one("mouseleave.ftd",{ftdId:d},g)}},flyout:{close:function(b){var d=f(b);var c={ftdId:d};a("#"+d).on("click.ftd",function(a){a.stopPropagation()});a(document).one("click.ftd",c,h);a(b).closest(".js-scroll-pane")
2025-01-07 17:01:14 UTC	16384	IN	Data Raw: 7b 74 6f 70 3a 7b 6c 65 66 74 3a 66 75 6e 63 74 69 6f 6e 28 61 29 7b 76 61 72 20 62 3d 61 2e 66 74 64 3b 76 61 72 20 63 3d 61 2e 74 61 72 67 65 74 3b 76 61 72 20 65 3d 62 2e 6f 66 66 73 65 74 2e 78 3b 72 65 74 75 72 6e 20 63 2e 6c 65 66 74 2b 65 2d 4d 61 74 68 2e 6d 61 78 28 30 2c 62 2e 77 69 64 74 68 2d 63 2e 77 69 64 74 68 2b 65 2d 61 2e 6d 61 72 67 69 6e 54 6f 56 69 65 77 70 6f 72 74 2e 72 69 67 68 74 29 7d 2c 74 6f 70 3a 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 4d 61 74 68 2e 6d 61 78 28 30 2c 61 2e 74 61 72 67 65 74 2e 74 6f 70 2d 61 2e 66 74 64 2e 68 65 69 67 68 74 2b 61 2e 66 74 64 2e 6f 66 66 73 65 74 2e 79 29 7d 2c 73 74 65 6d 3a 66 75 6e 63 74 69 6f 6e 28 61 29 7b 76 61 72 20 62 3d 61 2e 74 61 72 67 65 74 2e 77 69 64 74 68 3b 76 Data Ascii: {top:{left:function(a){var b=a.ftd;var c=a.target;var e=b.offset.x;return c.left+e-Math.max(0,b.width-c.width+e-a.marginToViewport.right)},top:function(a){return Math.max(0,a.target.top-a.ftd.height+a.ftd.offset.y)},stem:function(a){var b=a.target.width;v
2025-01-07 17:01:14 UTC	16384	IN	Data Raw: 2e 6d 61 78 54 6f 75 63 68 50 6f 69 6e 74 73 29 70 68 78 2e 64 6e 64 2e 63 72 65 61 74 65 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 7d 7d 29 28 6a 51 75 65 72 79 29 3b 28 66 75 6e 63 74 69 6f 6e 28 61 2c 63 29 7b 66 75 6e 63 74 69 6f 6e 20 62 28 29 7b 74 68 69 73 2e 6b 65 79 53 75 70 70 6f 72 74 57 68 69 74 65 4c 69 73 74 3d 22 69 6e 70 75 74 2c 20 74 65 78 74 61 72 65 61 2c 20 73 65 6c 65 63 74 22 3b 74 68 69 73 2e 6b 65 79 53 75 70 70 6f 72 74 42 6c 61 63 6b 4c 69 73 74 3d 22 3a 63 68 65 63 6b 62 6f 78 22 3b 74 68 69 73 2e 6b 65 79 42 69 6e 64 69 6e 67 73 3d 7b 7d 3b 74 68 69 73 2e 69 73 41 63 74 69 76 65 3d 21 31 3b 74 68 69 73 2e 6b 65 79 64 6f 77 6e 48 61 6e 64 6c 65 72 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 76 61 72 20 62 3d 74 68 69 73 2e 67 65 74 4b 65 Data Ascii: .maxTouchPoints)phx.dnd.create=function(){}})(jQuery);(function(a,c){function b(){this.keySupportWhiteList="input, textarea, select";this.keySupportBlackList=":checkbox";this.keyBindings={};this.isActive=!1;this.keydownHandler=function(a){var b=this.getKe
2025-01-07 17:01:14 UTC	7952	IN	Data Raw: 65 6e 75 57 72 70 22 29 2e 68 69 64 65 28 29 3b 61 28 22 23 68 6f 76 65 72 4d 65 6e 75 22 29 2e 68 69 64 65 28 29 2e 61 74 74 72 28 22 69 64 22 2c 22 68 6f 76 65 72 4d 65 6e 75 4f 72 69 22 29 3b 61 28 64 6f 63 75 6d 65 6e 74 29 2e 6f 6e 28 7b 6d 6f 75 73 65 65 6e 74 65 72 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 63 3d 61 28 74 68 69 73 29 2c 65 3d 61 28 64 29 3b 69 66 28 21 70 68 78 2e 75 74 69 6c 2e 75 73 65 72 41 67 65 6e 74 2e 69 73 28 22 69 6f 73 22 29 29 7b 76 61 72 20 67 3d 63 2e 61 74 74 72 28 22 64 61 74 61 2d 68 6f 76 65 72 6d 65 6e 75 2d 68 69 64 65 22 29 2c 68 3b 69 66 28 22 73 74 72 69 6e 67 22 3d 3d 3d 74 79 70 65 6f 66 20 67 29 66 6f 72 28 67 3d 67 2e 73 70 6c 69 74 28 22 22 29 2c 68 3d 30 3b 68 3c 67 2e 6c 65 6e 67 74 68 3b 68 2b 2b Data Ascii: enuWrp").hide();a("#hoverMenu").hide().attr("id","hoverMenuOri");a(document).on({mouseenter:function(){var c=a(this),e=a(d);if(!phx.util.userAgent.is("ios")){var g=c.attr("data-hovermenu-hide"),h;if("string"===typeof g)for(g=g.split(""),h=0;h<g.length;h++
2025-01-07 17:01:14 UTC	16384	IN	Data Raw: 74 41 74 74 72 69 62 75 74 65 28 22 6d 61 69 6c 2d 69 64 22 2c 63 29 3b 64 2e 6d 61 69 6c 3d 7b 6d 61 69 6c 49 64 3a 63 2c 66 75 6c 6c 42 6f 64 79 53 72 63 3a 6e 28 70 68 78 2e 76 61 72 73 2e 77 69 74 68 45 78 74 65 72 6e 61 6c 73 2c 63 29 2c 73 61 66 65 42 6f 64 79 53 72 63 3a 6e 28 70 68 78 2e 76 61 72 73 2e 77 69 74 68 6f 75 74 45 78 74 65 72 6e 61 6c 73 2c 63 29 2c 70 72 69 6e 74 4d 61 69 6c 55 72 6c 3a 6e 28 70 68 78 2e 76 61 72 73 2e 70 72 69 6e 74 55 72 6c 2c 63 29 2c 73 61 76 65 4d 61 69 6c 55 72 6c 3a 6e 28 70 68 78 2e 76 61 72 73 2e 73 61 76 65 55 72 6c 2c 63 29 7d 7d 61 28 22 77 65 62 6d 61 69 6c 65 72 2d 6d 61 69 6c 2d 64 65 74 61 69 6c 22 29 2e 73 68 6f 77 28 29 7d 65 6c 73 65 20 62 3d 62 2e 64 65 74 61 69 6c 2e 63 6f 6e 74 65 6e 74 2c 61 28 Data Ascii: tAttribute("mail-id",c);d.mail={mailId:c,fullBodySrc:n(phx.vars.withExternals,c),safeBodySrc:n(phx.vars.withoutExternals,c),printMailUrl:n(phx.vars.printUrl,c),saveMailUrl:n(phx.vars.saveUrl,c)}}a("webmailer-mail-detail").show()}else b=b.detail.content,a(
2025-01-07 17:01:14 UTC	16384	IN	Data Raw: 61 69 6c 2d 63 6f 6d 70 6f 73 65 22 2c 6c 29 3b 61 28 64 6f 63 75 6d 65 6e 74 29 2e 6f 6e 28 22 77 6d 63 6f 6d 70 6f 73 65 5f 65 64 69 74 2d 6d 61 69 6c 22 2c 22 77 65 62 6d 61 69 6c 65 72 2d 6d 61 69 6c 2d 63 6f 6d 70 6f 73 65 22 2c 6c 29 3b 61 28 64 6f 63 75 6d 65 6e 74 29 2e 6f 66 66 28 22 77 6d 63 6f 6d 70 6f 73 65 5f 6f 70 65 6e 2d 73 65 6e 64 65 72 2d 73 65 74 74 69 6e 67 73 22 2c 22 77 65 62 6d 61 69 6c 65 72 2d 6d 61 69 6c 2d 63 6f 6d 70 6f 73 65 22 2c 71 29 3b 61 28 64 6f 63 75 6d 65 6e 74 29 2e 6f 6e 28 22 77 6d 63 6f 6d 70 6f 73 65 5f 6f 70 65 6e 2d 73 65 6e 64 65 72 2d 73 65 74 74 69 6e 67 73 22 2c 22 77 65 62 6d 61 69 6c 65 72 2d 6d 61 69 6c 2d 63 6f 6d 70 6f 73 65 22 2c 71 29 3b 61 28 64 6f 63 75 6d 65 6e 74 29 2e 6f 66 66 28 22 77 6d 63 6f Data Ascii: ail-compose",l);a(document).on("wmcompose_edit-mail","webmailer-mail-compose",l);a(document).off("wmcompose_open-sender-settings","webmailer-mail-compose",q);a(document).on("wmcompose_open-sender-settings","webmailer-mail-compose",q);a(document).off("wmco
2025-01-07 17:01:14 UTC	7952	IN	Data Raw: 72 74 22 29 2c 64 61 79 4e 61 6d 65 73 4d 69 6e 3a 63 2e 67 65 74 53 74 72 69 6e 67 4c 69 73 74 28 22 64 61 74 65 44 61 79 4e 61 6d 65 73 53 68 6f 72 74 22 29 2c 77 65 65 6b 48 65 61 64 65 72 3a 63 2e 67 65 74 53 74 72 69 6e 67 28 22 64 61 74 65 50 69 63 6b 65 72 57 65 65 6b 48 65 61 64 65 72 22 29 2c 0a 66 69 72 73 74 44 61 79 3a 31 7d 29 7d 29 28 6a 51 75 65 72 79 2c 69 31 38 6e 29 3b 76 61 72 20 44 61 74 65 50 69 63 6b 65 72 50 65 72 69 6f 64 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 63 29 7b 63 28 7b 6e 61 6d 65 3a 22 44 61 74 65 50 69 63 6b 65 72 50 65 72 69 6f 64 22 2c 6d 69 78 69 6e 73 3a 5b 66 75 6e 63 74 69 6f 6e 28 29 7b 74 68 69 73 2e 64 65 66 61 75 6c 74 41 74 74 72 73 28 7b 73 65 6c 65 63 74 54 72 69 67 67 65 72 3a 22 73 65 6c 65 63 74 2e 64 61 74 Data Ascii: rt"),dayNamesMin:c.getStringList("dateDayNamesShort"),weekHeader:c.getString("datePickerWeekHeader"),firstDay:1})})(jQuery,i18n);var DatePickerPeriod=function(a,c){c({name:"DatePickerPeriod",mixins:[function(){this.defaultAttrs({selectTrigger:"select.dat
2025-01-07 17:01:14 UTC	12216	IN	Data Raw: 73 2e 6f 6e 28 22 72 65 63 69 70 69 65 6e 74 2e 61 64 64 22 2c 74 68 69 73 2e 6f 6e 41 64 64 52 65 63 69 70 69 65 6e 74 29 3b 74 68 69 73 2e 6f 6e 28 22 72 65 73 69 7a 65 2e 73 65 6c 65 63 74 32 22 2c 74 68 69 73 2e 63 68 65 63 6b 43 6f 6d 70 6f 6e 65 6e 74 48 65 69 67 68 74 29 3b 74 68 69 73 2e 6f 6e 28 22 66 6f 63 75 73 22 2c 74 68 69 73 2e 6f 6e 46 6f 63 75 73 29 3b 74 68 69 73 2e 6f 6e 28 64 6f 63 75 6d 65 6e 74 2c 22 61 64 64 72 65 73 73 63 68 6f 6f 73 65 72 2f 72 65 63 69 70 69 65 6e 74 2f 61 64 64 22 2c 74 68 69 73 2e 6f 6e 41 64 64 52 65 63 69 70 69 65 6e 74 46 72 6f 6d 41 64 64 72 65 73 73 43 68 6f 6f 73 65 72 29 7d 29 7d 5d 7d 29 7d 28 6a 51 75 65 72 79 2c 0a 64 65 66 69 6e 65 43 6f 6d 70 6f 6e 65 6e 74 2c 4d 61 69 6c 4f 62 6a 65 63 74 50 61 6e Data Ascii: s.on("recipient.add",this.onAddRecipient);this.on("resize.select2",this.checkComponentHeight);this.on("focus",this.onFocus);this.on(document,"addresschooser/recipient/add",this.onAddRecipientFromAddressChooser)})}]})}(jQuery,defineComponent,MailObjectPan

Timestamp	Bytes transferred	Direction	Data
2025-01-07 17:01:33 UTC	782	OUT	GET /3c-cdn/mail/client/wicket/resource/static-res/---/uic/img/themes/unified/mailcomblue/sprite-636a9d47a5.png HTTP/1.1 Host: s.uicdn.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://s.uicdn.com/3c-cdn/mail/client/wicket/resource/static-res/---/unified/mailcomblue-vEr-3A954EE85EEC51DF65B1839F8DA9F486.css Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-07 17:01:33 UTC	482	IN	HTTP/1.1 200 OK Server: nginx/1.14.2 Content-Type: image/png Content-Length: 23105 X-Robots-Tag: noindex, nofollow Last-Modified: Friday, 15-Mar-2024 09:20:54 GMT Pragma: cache Content-Disposition: inline Accept-Range: bytes Access-Control-Allow-Origin: * Access-Control-Allow-Methods: POST, GET, OPTIONS Access-Control-Max-Age: 1728000 X-Content-Type-Options: nosniff Cache-Control: private, max-age=31125879 Date: Tue, 07 Jan 2025 17:01:33 GMT Connection: close
2025-01-07 17:01:33 UTC	15902	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 01 0a 00 00 00 ea 08 06 00 00 00 5a f8 0b ff 00 00 5a 08 49 44 41 54 78 da ed 9d 07 7c 14 45 fb c7 93 50 c5 42 51 ec 22 62 03 94 a2 40 10 04 8c fe 45 41 44 b1 a0 d8 10 1b 16 d4 17 2b 60 05 95 57 40 10 2c a8 28 0a d8 c5 82 22 f0 82 a0 54 43 ef d2 09 84 1a 5a 1a 3d 10 d8 ff ef 39 9e 8d 93 c9 ec ee ec de 5e 09 ec 7c 3e df 4f ee 76 f7 36 7b 7b 37 df 9b 79 a6 25 b4 6c d9 f2 6e 70 7f 14 b9 07 5c 03 4e 4f 90 12 b6 75 06 5d a2 c8 b3 e0 36 50 25 c1 22 61 5f 35 d0 0a 3c 0c 3a 46 91 0e 8a 6b a9 09 da 83 57 41 f7 28 d2 d5 bc 06 c3 30 e2 9a 78 b9 ce 78 4d 57 bd 32 7b 36 38 00 0c b0 0d 2c 05 53 c0 d7 a0 9b e5 fb a9 51 a3 c6 a4 ea d5 ab a7 46 0b fc bf c9 b5 6b d7 fe fe ea ab af 7e 01 5f c0 64 f1 4d 60 5f 0e 8e d9 17 Data Ascii: PNGIHDRZZIDATx\|EPBQ"b@EAD+`W@,("TCZ=9^\|>Ov6{{7y%lnp\NOu]6P%"a_5<:FkWA(0xxMW2{68,SQFk~_dM`_
2025-01-07 17:01:33 UTC	7203	IN	Data Raw: fc 1e 0c 04 5b c0 33 60 14 f7 c6 a4 e0 e5 58 8b 98 c6 48 70 82 1f 1d ae 34 44 e1 a5 c3 d5 02 17 92 48 d7 18 14 36 54 43 12 43 75 7f f5 e2 a0 c3 15 95 30 5e 77 e8 99 49 63 1e ea 09 54 95 c6 7a 50 fa 58 f1 9e f3 78 df ae 20 db 87 16 00 1a ab 58 f4 e7 71 17 a2 d8 07 1e 02 ad c1 22 69 df db e0 2d 30 47 53 14 2b 85 89 86 a9 a5 29 45 57 14 c4 a9 60 2b 78 0d 6c 04 d3 b9 45 c3 2c 3d 50 70 65 04 78 89 9b 46 29 b0 59 c2 af 2e dc 0e 92 88 69 17 6e a9 0a 62 d7 9d 3b dd ed b0 78 95 2c 6c 44 e1 67 17 ee 03 e0 81 30 47 8f 5e cd 32 58 18 94 28 ec 53 fd fa f5 7f 05 eb 59 10 db f0 78 5a c3 86 0d 6b bb 10 45 c1 0c 57 5c fd 97 45 f1 8d 6e d5 83 c6 c7 48 b3 92 2f 74 23 8a 36 e0 63 96 c5 44 ae 72 50 b3 e7 20 d0 0c 5c cd 92 18 0e 66 82 4d e0 82 63 61 50 98 55 cb 8b 82 14 2f f5 Data Ascii: [3`XHp4DH6TCCu0^wIcTzPXx Xq"i-0GS+)EW`+xlE,=PpexF)Y.inb;x,lDg0G^2X(SYxZkEW\EnH/t#6cDrP \fMcaPU/

Timestamp	Bytes transferred	Direction	Data
2025-01-07 17:01:34 UTC	441	OUT	GET /3c-cdn/mail/client/wicket/resource/static-res/---/uic/img/themes/unified/mailcomblue/sprite-636a9d47a5.png HTTP/1.1 Host: s.uicdn.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-07 17:01:34 UTC	482	IN	HTTP/1.1 200 OK Server: nginx/1.14.2 Content-Type: image/png Content-Length: 23105 X-Robots-Tag: noindex, nofollow Last-Modified: Friday, 15-Mar-2024 09:20:54 GMT Pragma: cache Content-Disposition: inline Accept-Range: bytes Access-Control-Allow-Origin: * Access-Control-Allow-Methods: POST, GET, OPTIONS Access-Control-Max-Age: 1728000 X-Content-Type-Options: nosniff Cache-Control: private, max-age=31125878 Date: Tue, 07 Jan 2025 17:01:34 GMT Connection: close
2025-01-07 17:01:34 UTC	15902	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 01 0a 00 00 00 ea 08 06 00 00 00 5a f8 0b ff 00 00 5a 08 49 44 41 54 78 da ed 9d 07 7c 14 45 fb c7 93 50 c5 42 51 ec 22 62 03 94 a2 40 10 04 8c fe 45 41 44 b1 a0 d8 10 1b 16 d4 17 2b 60 05 95 57 40 10 2c a8 28 0a d8 c5 82 22 f0 82 a0 54 43 ef d2 09 84 1a 5a 1a 3d 10 d8 ff ef 39 9e 8d 93 c9 ec ee ec de 5e 09 ec 7c 3e df 4f ee 76 f7 36 7b 7b 37 df 9b 79 a6 25 b4 6c d9 f2 6e 70 7f 14 b9 07 5c 03 4e 4f 90 12 b6 75 06 5d a2 c8 b3 e0 36 50 25 c1 22 61 5f 35 d0 0a 3c 0c 3a 46 91 0e 8a 6b a9 09 da 83 57 41 f7 28 d2 d5 bc 06 c3 30 e2 9a 78 b9 ce 78 4d 57 bd 32 7b 36 38 00 0c b0 0d 2c 05 53 c0 d7 a0 9b e5 fb a9 51 a3 c6 a4 ea d5 ab a7 46 0b fc bf c9 b5 6b d7 fe fe ea ab af 7e 01 5f c0 64 f1 4d 60 5f 0e 8e d9 17 Data Ascii: PNGIHDRZZIDATx\|EPBQ"b@EAD+`W@,("TCZ=9^\|>Ov6{{7y%lnp\NOu]6P%"a_5<:FkWA(0xxMW2{68,SQFk~_dM`_
2025-01-07 17:01:34 UTC	7203	IN	Data Raw: fc 1e 0c 04 5b c0 33 60 14 f7 c6 a4 e0 e5 58 8b 98 c6 48 70 82 1f 1d ae 34 44 e1 a5 c3 d5 02 17 92 48 d7 18 14 36 54 43 12 43 75 7f f5 e2 a0 c3 15 95 30 5e 77 e8 99 49 63 1e ea 09 54 95 c6 7a 50 fa 58 f1 9e f3 78 df ae 20 db 87 16 00 1a ab 58 f4 e7 71 17 a2 d8 07 1e 02 ad c1 22 69 df db e0 2d 30 47 53 14 2b 85 89 86 a9 a5 29 45 57 14 c4 a9 60 2b 78 0d 6c 04 d3 b9 45 c3 2c 3d 50 70 65 04 78 89 9b 46 29 b0 59 c2 af 2e dc 0e 92 88 69 17 6e a9 0a 62 d7 9d 3b dd ed b0 78 95 2c 6c 44 e1 67 17 ee 03 e0 81 30 47 8f 5e cd 32 58 18 94 28 ec 53 fd fa f5 7f 05 eb 59 10 db f0 78 5a c3 86 0d 6b bb 10 45 c1 0c 57 5c fd 97 45 f1 8d 6e d5 83 c6 c7 48 b3 92 2f 74 23 8a 36 e0 63 96 c5 44 ae 72 50 b3 e7 20 d0 0c 5c cd 92 18 0e 66 82 4d e0 82 63 61 50 98 55 cb 8b 82 14 2f f5 Data Ascii: [3`XHp4DH6TCCu0^wIcTzPXx Xq"i-0GS+)EW`+xlE,=PpexF)Y.inb;x,lDg0G^2X(SYxZkEW\EnH/t#6cDrP \fMcaPU/

Timestamp	Bytes transferred	Direction	Data
2025-01-07 17:01:40 UTC	666	OUT	GET / HTTP/1.1 Host: archivofdb.online Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-07 17:01:40 UTC	861	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 07 Jan 2025 17:01:40 GMT Content-Type: text/html Content-Length: 167 Connection: close Cache-Control: max-age=3600 Expires: Tue, 07 Jan 2025 18:01:40 GMT Location: https://is.gd/7uPZjc Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9VZ2F3AC9pmepSk745FoLCvi6qQAd2DhvgamcNcBUoHOOYNgOqAIQTy%2F8PO5YGxY6D4DKUn804ZNcRboOylnm6OAu0zlrCAaoQMA2Hc1720wPjDuRvuKxJfgHdH1RujcXOJRcg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8fe582d9982fc35d-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=29411&min_rtt=1506&rtt_var=17173&sent=5&recv=6&lost=0&retrans=0&sent_bytes=2841&recv_bytes=1244&delivery_rate=1938911&cwnd=183&unsent_bytes=0&cid=eb58b9d9d2d2b31c&ts=150&x=0"
2025-01-07 17:01:40 UTC	167	IN	Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>cloudflare</center></body></html>

Timestamp	Bytes transferred	Direction	Data
2025-01-07 17:01:41 UTC	660	OUT	GET /7uPZjc HTTP/1.1 Host: is.gd Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-07 17:01:41 UTC	554	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 07 Jan 2025 17:01:41 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Location: https://77.33.109.208.host.secureserver.net/ CF-Cache-Status: DYNAMIC Set-Cookie: __cf_bm=JbsPb2itc_QL1sTCqXhh4o8YMHqqwDjkh4oF7r1gmOA-1736269301-1.0.1.1-uxL4C.51b.Jyw_kpiSa_tRjMWvJ.WHrhmGtSL5Nx42aUeg5UwUMNzNIMJIZX9eUwwypeTZobG1NtVIWLNPquHA; path=/; expires=Tue, 07-Jan-25 17:31:41 GMT; domain=.is.gd; HttpOnly; Secure; SameSite=None Server: cloudflare CF-RAY: 8fe582de0e5642cf-EWR
2025-01-07 17:01:41 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2025-01-07 17:01:42 UTC	684	OUT	GET / HTTP/1.1 Host: 77.33.109.208.host.secureserver.net Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-07 17:01:42 UTC	200	IN	HTTP/1.1 302 Found Date: Tue, 07 Jan 2025 17:01:42 GMT Server: Apache/2.4.41 (Ubuntu) Location: https://google.com Content-Length: 81 Connection: close Content-Type: text/html; charset=UTF-8
2025-01-07 17:01:42 UTC	81	IN	Data Raw: 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 31 36 22 3e 0d 0a 3c 2f 68 65 61 64 3e 0d 0a Data Ascii: <!DOCTYPE html><html lang="en"><head> <meta charset="utf-16"></head>

Timestamp	Bytes transferred	Direction	Data
2025-01-07 17:01:44 UTC	663	OUT	GET / HTTP/1.1 Host: www.google.com Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-07 17:01:44 UTC	1767	IN	HTTP/1.1 200 OK Date: Tue, 07 Jan 2025 17:01:44 GMT Expires: -1 Cache-Control: private, max-age=0 Content-Type: text/html; charset=UTF-8 Strict-Transport-Security: max-age=31536000 Content-Security-Policy-Report-Only: object-src 'none';base-uri 'self';script-src 'nonce-LC_KigjfNiZ1DcvSOuqCmg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws" Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]} Accept-CH: Sec-CH-Prefers-Color-Scheme Accept-CH: Sec-CH-UA-Form-Factors Accept-CH: Sec-CH-UA-Platform Accept-CH: Sec-CH-UA-Platform-Version Accept-CH: Sec-CH-UA-Full-Version Accept-CH: Sec-CH-UA-Arch Accept-CH: Sec-CH-UA-Model Accept-CH: Sec-CH-UA-Bitness Accept-CH: Sec-CH-UA-Full-Version-List Accept-CH: Sec-CH-UA-WoW64 Permissions-Policy: unload=() P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info." Server: gws X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN Set-Cookie: AEC=AZ6Zc-V3NDzY5GD-odoGC5HMfGXBe0BBilPReFewzLkpj5KY7t6I9Lcw0w; expires=Sun, 06-Jul-2025 17:01:44 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax Set-Cookie: NID=520=dR0wKL5p6kLfAaRxqSJg0ZivkU7sgFycU7YRbaVrEsU6oGOCya0-3V2yRIiDcMcv2cVU78_-N-VbE8w_k4-eXmeIFKXUFsBQw70fjY4zx8waVpper0QPRWWXBV0SK9TRPbs-ftc-aeTmAb1QP-nr1-IcN30Mbz6z0UF1g49fa08RmFbe6GRQn7k9ZEYDpUPtq4NN8FsC; expires=Wed, 09-Jul-2025 17:01:44 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Accept-Ranges: none Vary: Accept-Encoding Connection: close Transfer-Encoding: chunked
2025-01-07 17:01:44 UTC	1767	IN	Data Raw: 32 34 66 38 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 69 74 65 6d 73 63 6f 70 65 3d 22 22 20 69 74 65 6d 74 79 70 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 2e 6f 72 67 2f 57 65 62 50 61 67 65 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 3c 6d 65 74 61 20 63 6f 6e 74 65 6e 74 3d 22 6f 72 69 67 69 6e 22 20 6e 61 6d 65 3d 22 72 65 66 65 72 72 65 72 22 3e 3c 6d 65 74 61 20 63 6f 6e 74 65 6e 74 3d 22 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 67 2f 31 78 2f 67 6f 6f 67 6c 65 67 5f 73 74 61 6e 64 61 72 64 5f 63 6f 6c 6f 72 5f 31 32 38 64 70 2e 70 6e 67 22 20 69 74 65 6d 70 72 6f 70 3d 22 69 6d 61 67 65 22 3e 3c 74 69 74 6c 65 3e Data Ascii: 24f8<!doctype html><html itemscope="" itemtype="http://schema.org/WebPage" lang="en"><head><meta charset="UTF-8"><meta content="origin" name="referrer"><meta content="/images/branding/googleg/1x/googleg_standard_color_128dp.png" itemprop="image"><title>
2025-01-07 17:01:44 UTC	1767	IN	Data Raw: 3d 67 6f 6f 67 6c 65 29 2e 78 7c 7c 28 64 2e 78 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 69 66 28 61 29 76 61 72 20 63 3d 61 2e 69 64 3b 65 6c 73 65 7b 64 6f 20 63 3d 4d 61 74 68 2e 72 61 6e 64 6f 6d 28 29 3b 77 68 69 6c 65 28 67 6f 6f 67 6c 65 2e 79 5b 63 5d 29 7d 67 6f 6f 67 6c 65 2e 79 5b 63 5d 3d 5b 61 2c 62 5d 3b 72 65 74 75 72 6e 21 31 7d 29 3b 76 61 72 20 65 3b 28 65 3d 67 6f 6f 67 6c 65 29 2e 73 78 7c 7c 28 65 2e 73 78 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 67 6f 6f 67 6c 65 2e 73 79 2e 70 75 73 68 28 61 29 7d 29 3b 67 6f 6f 67 6c 65 2e 6c 6d 3d 5b 5d 3b 76 61 72 20 66 3b 28 66 3d 67 6f 6f 67 6c 65 29 2e 70 6c 6d 7c 7c 28 66 2e 70 6c 6d 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 67 6f 6f 67 6c 65 2e 6c 6d 2e 70 75 73 68 2e 61 70 70 6c 79 28 67 6f Data Ascii: =google).x\|\|(d.x=function(a,b){if(a)var c=a.id;else{do c=Math.random();while(google.y[c])}google.y[c]=[a,b];return!1});var e;(e=google).sx\|\|(e.sx=function(a){google.sy.push(a)});google.lm=[];var f;(f=google).plm\|\|(f.plm=function(a){google.lm.push.apply(go
2025-01-07 17:01:44 UTC	1767	IN	Data Raw: 62 61 7c 7c 77 69 6e 64 6f 77 2e 70 65 72 66 6f 72 6d 61 6e 63 65 2e 74 69 6d 69 6e 67 2e 72 65 73 70 6f 6e 73 65 53 74 61 72 74 3a 76 6f 69 64 20 30 3b 66 75 6e 63 74 69 6f 6e 20 63 61 28 61 2c 62 2c 63 2c 64 2c 66 29 7b 69 66 28 21 61 7c 7c 21 62 26 26 64 61 28 61 29 29 72 65 74 75 72 6e 20 30 3b 69 66 28 21 61 2e 67 65 74 42 6f 75 6e 64 69 6e 67 43 6c 69 65 6e 74 52 65 63 74 29 72 65 74 75 72 6e 20 31 3b 76 61 72 20 68 3d 66 75 6e 63 74 69 6f 6e 28 6b 29 7b 72 65 74 75 72 6e 20 6b 2e 67 65 74 42 6f 75 6e 64 69 6e 67 43 6c 69 65 6e 74 52 65 63 74 28 29 7d 3b 72 65 74 75 72 6e 21 62 26 26 65 61 28 61 2c 64 2c 68 29 7c 7c 21 62 26 26 66 26 26 66 61 28 61 2c 68 29 3f 30 3a 68 61 28 61 2c 62 2c 63 2c 64 2c 68 29 7d 66 75 6e 63 74 69 6f 6e 20 66 61 28 61 2c Data Ascii: ba\|\|window.performance.timing.responseStart:void 0;function ca(a,b,c,d,f){if(!a\|\|!b&&da(a))return 0;if(!a.getBoundingClientRect)return 1;var h=function(k){return k.getBoundingClientRect()};return!b&&ea(a,d,h)\|\|!b&&f&&fa(a,h)?0:ha(a,b,c,d,h)}function fa(a,
2025-01-07 17:01:44 UTC	1767	IN	Data Raw: 69 66 28 64 3d 21 74 68 69 73 2e 6a 29 61 3a 7b 66 6f 72 28 64 3d 30 3b 64 3c 43 2e 6c 65 6e 67 74 68 3b 2b 2b 64 29 69 66 28 61 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 22 64 61 74 61 2d 22 2b 43 5b 64 5d 29 29 7b 64 3d 21 30 3b 62 72 65 61 6b 20 61 7d 64 3d 21 31 7d 74 68 69 73 2e 6c 3d 64 3b 74 68 69 73 2e 46 3d 74 68 69 73 2e 67 2e 68 61 73 41 74 74 72 69 62 75 74 65 28 22 64 61 74 61 2d 62 73 72 63 22 29 3b 28 61 3d 74 68 69 73 2e 67 2e 73 72 63 29 26 26 74 68 69 73 2e 6c 26 26 28 74 68 69 73 2e 44 3d 61 29 3b 21 74 68 69 73 2e 6c 26 26 74 79 70 65 6f 66 20 61 3d 3d 3d 22 73 74 72 69 6e 67 22 26 26 61 7c 7c 74 68 69 73 2e 67 2e 73 65 74 41 74 74 72 69 62 75 74 65 28 22 64 61 74 61 2d 6c 7a 79 5f 22 2c 22 31 22 29 3b 74 68 69 73 2e 42 3f 62 3d 21 30 Data Ascii: if(d=!this.j)a:{for(d=0;d<C.length;++d)if(a.getAttribute("data-"+C[d])){d=!0;break a}d=!1}this.l=d;this.F=this.g.hasAttribute("data-bsrc");(a=this.g.src)&&this.l&&(this.D=a);!this.l&&typeof a==="string"&&a\|\|this.g.setAttribute("data-lzy_","1");this.B?b=!0
2025-01-07 17:01:44 UTC	1767	IN	Data Raw: 72 28 76 61 72 20 66 3d 30 2c 68 3b 68 3d 62 5b 66 2b 2b 5d 3b 29 67 6f 6f 67 6c 65 2e 74 69 6d 65 72 73 5b 61 5d 2e 74 5b 68 5d 3d 63 3b 64 26 26 74 26 26 70 65 72 66 6f 72 6d 61 6e 63 65 2e 6d 61 72 6b 26 26 28 61 3d 63 2d 74 2c 61 3e 30 26 26 70 65 72 66 6f 72 6d 61 6e 63 65 2e 6d 61 72 6b 28 64 2c 7b 73 74 61 72 74 54 69 6d 65 3a 61 7d 29 29 7d 3b 67 6f 6f 67 6c 65 2e 63 2e 65 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 2c 63 29 7b 67 6f 6f 67 6c 65 2e 74 69 6d 65 72 73 5b 61 5d 2e 65 5b 62 5d 3d 63 7d 3b 67 6f 6f 67 6c 65 2e 63 2e 62 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 62 3d 67 6f 6f 67 6c 65 2e 74 69 6d 65 72 73 5b 62 7c 7c 22 6c 6f 61 64 22 5d 2e 6d 3b 62 5b 61 5d 26 26 67 6f 6f 67 6c 65 2e 6d 6c 28 45 72 72 6f 72 28 22 61 22 29 2c 21 31 2c 7b Data Ascii: r(var f=0,h;h=b[f++];)google.timers[a].t[h]=c;d&&t&&performance.mark&&(a=c-t,a>0&&performance.mark(d,{startTime:a}))};google.c.e=function(a,b,c){google.timers[a].e[b]=c};google.c.b=function(a,b){b=google.timers[b\|\|"load"].m;b[a]&&google.ml(Error("a"),!1,{
2025-01-07 17:01:44 UTC	637	IN	Data Raw: 75 6d 65 6e 74 45 6c 65 6d 65 6e 74 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 22 65 72 72 6f 72 22 2c 4a 2c 21 30 29 29 3b 67 6f 6f 67 6c 65 2e 63 76 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 2c 63 2c 64 2c 66 29 7b 69 66 28 21 64 29 61 3a 7b 66 6f 72 28 64 3d 61 3b 64 3b 64 3d 64 2e 70 61 72 65 6e 74 45 6c 65 6d 65 6e 74 29 69 66 28 64 2e 74 61 67 4e 61 6d 65 3d 3d 3d 22 47 2d 53 43 52 4f 4c 4c 49 4e 47 2d 43 41 52 4f 55 53 45 4c 22 29 62 72 65 61 6b 20 61 3b 64 3d 6e 75 6c 6c 7d 72 65 74 75 72 6e 20 63 61 28 61 2c 62 2c 63 2c 64 2c 66 29 7d 3b 66 75 6e 63 74 69 6f 6e 20 4e 28 61 29 7b 74 72 79 7b 61 28 29 7d 63 61 74 63 68 28 62 29 7b 67 6f 6f 67 6c 65 2e 6d 6c 28 62 2c 21 31 29 7d 7d 66 75 6e 63 74 69 6f 6e 20 75 61 28 29 7b 69 66 28 67 6f 6f Data Ascii: umentElement.addEventListener("error",J,!0));google.cv=function(a,b,c,d,f){if(!d)a:{for(d=a;d;d=d.parentElement)if(d.tagName==="G-SCROLLING-CAROUSEL")break a;d=null}return ca(a,b,c,d,f)};function N(a){try{a()}catch(b){google.ml(b,!1)}}function ua(){if(goo
2025-01-07 17:01:44 UTC	205	IN	Data Raw: 63 37 0d 0a 20 61 66 74 73 20 63 62 73 20 63 62 74 20 66 68 74 20 66 72 74 73 20 66 72 76 74 20 68 63 74 20 68 73 74 20 70 72 74 20 70 72 73 20 73 63 74 22 2e 73 70 6c 69 74 28 22 20 22 29 3b 66 75 6e 63 74 69 6f 6e 20 50 28 61 29 7b 72 65 74 75 72 6e 28 61 3d 76 61 2e 73 65 61 72 63 68 2e 6d 61 74 63 68 28 6e 65 77 20 52 65 67 45 78 70 28 22 5b 3f 26 5d 22 2b 61 2b 22 3d 28 5c 5c 64 2b 29 22 29 29 29 3f 4e 75 6d 62 65 72 28 61 5b 31 5d 29 3a 2d 31 7d 0a 66 75 6e 63 74 69 6f 6e 20 51 28 61 29 7b 76 61 72 20 62 3d 67 6f 6f 67 6c 65 2e 74 69 6d 65 72 73 2e 6c 6f 61 64 2c 63 3d 62 2e 6d 3b 69 66 28 21 63 0d 0a Data Ascii: c7 afts cbs cbt fht frts frvt hct hst prt prs sct".split(" ");function P(a){return(a=va.search.match(new RegExp("[?&]"+a+"=(\\d+)")))?Number(a[1]):-1}function Q(a){var b=google.timers.load,c=b.m;if(!c
2025-01-07 17:01:44 UTC	1390	IN	Data Raw: 38 30 30 30 0d 0a 7c 7c 21 63 2e 70 72 73 29 7b 63 3d 77 69 6e 64 6f 77 2e 5f 63 73 63 3d 3d 3d 22 61 67 73 61 22 26 26 77 69 6e 64 6f 77 2e 5f 63 73 68 69 64 3b 76 61 72 20 64 3d 4f 28 29 7c 7c 63 3f 30 3a 50 28 22 71 73 75 62 74 73 22 29 3b 64 3e 30 26 26 28 63 3d 50 28 22 66 62 74 73 22 29 2c 63 3e 30 26 26 28 62 2e 74 2e 73 74 61 72 74 3d 4d 61 74 68 2e 6d 61 78 28 64 2c 63 29 29 29 3b 76 61 72 20 66 3d 62 2e 74 2c 68 3d 66 2e 73 74 61 72 74 3b 63 3d 7b 7d 3b 62 2e 77 73 72 74 21 3d 3d 76 6f 69 64 20 30 26 26 28 63 2e 77 73 72 74 3d 62 2e 77 73 72 74 29 3b 69 66 28 68 29 66 6f 72 28 76 61 72 20 6b 3d 30 2c 6d 3b 6d 3d 77 61 5b 6b 2b 2b 5d 3b 29 7b 76 61 72 20 6e 3d 66 5b 6d 5d 3b 6e 26 26 28 63 5b 6d 5d 3d 4d 61 74 68 2e 6d 61 78 28 6e 2d 68 2c 30 29 Data Ascii: 8000\|\|!c.prs){c=window._csc==="agsa"&&window._cshid;var d=O()\|\|c?0:P("qsubts");d>0&&(c=P("fbts"),c>0&&(b.t.start=Math.max(d,c)));var f=b.t,h=f.start;c={};b.wsrt!==void 0&&(c.wsrt=b.wsrt);if(h)for(var k=0,m;m=wa[k++];){var n=f[m];n&&(c[m]=Math.max(n-h,0)
2025-01-07 17:01:44 UTC	1390	IN	Data Raw: 2e 70 75 73 68 28 66 29 29 7d 29 3b 62 28 29 3b 68 3d 21 31 3b 64 28 29 7d 3b 76 61 72 20 54 3d 21 31 2c 55 3d 30 2c 56 3d 30 2c 57 3b 66 75 6e 63 74 69 6f 6e 20 7a 61 28 61 2c 62 29 7b 6e 61 26 26 21 42 28 29 26 26 28 67 6f 6f 67 6c 65 2e 63 2e 77 68 3d 4d 61 74 68 2e 66 6c 6f 6f 72 28 77 69 6e 64 6f 77 2e 69 6e 6e 65 72 48 65 69 67 68 74 7c 7c 64 6f 63 75 6d 65 6e 74 2e 64 6f 63 75 6d 65 6e 74 45 6c 65 6d 65 6e 74 2e 63 6c 69 65 6e 74 48 65 69 67 68 74 29 2c 42 28 29 26 26 41 28 22 77 68 75 22 2c 22 31 22 29 29 3b 76 61 72 20 63 3d 67 6f 6f 67 6c 65 2e 63 2e 77 68 3b 76 61 72 20 64 3d 21 62 3b 62 3d 62 3f 4d 61 74 68 2e 66 6c 6f 6f 72 28 62 2e 67 65 74 42 6f 75 6e 64 69 6e 67 43 6c 69 65 6e 74 52 65 63 74 28 29 2e 74 6f 70 2b 77 69 6e 64 6f 77 2e 70 61 Data Ascii: .push(f))});b();h=!1;d()};var T=!1,U=0,V=0,W;function za(a,b){na&&!B()&&(google.c.wh=Math.floor(window.innerHeight\|\|document.documentElement.clientHeight),B()&&A("whu","1"));var c=google.c.wh;var d=!b;b=b?Math.floor(b.getBoundingClientRect().top+window.pa
2025-01-07 17:01:44 UTC	1390	IN	Data Raw: 28 64 29 3b 64 2e 67 2e 73 65 74 41 74 74 72 69 62 75 74 65 28 22 64 61 74 61 2d 61 74 66 22 2c 53 74 72 69 6e 67 28 66 29 29 3b 72 65 74 75 72 6e 20 79 26 26 21 64 2e 42 26 26 28 21 64 2e 6c 7c 7c 64 2e 46 7c 7c 21 21 28 45 28 64 29 26 31 29 29 7d 66 75 6e 63 74 69 6f 6e 20 63 28 64 29 7b 79 26 26 7a 28 22 69 6d 6c 22 2c 64 7c 7c 61 29 3b 67 6f 6f 67 6c 65 2e 63 2e 75 28 22 69 6d 6c 22 29 7d 58 7c 7c 28 67 6f 6f 67 6c 65 2e 63 2e 62 28 22 69 6d 6c 22 29 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 53 28 62 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 7d 2c 63 29 7d 28 30 29 2c 58 3d 21 30 29 7d 3b 67 6f 6f 67 6c 65 2e 63 2e 75 62 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 7d 3b 69 66 28 21 78 7c 7c 77 29 67 6f 6f 67 6c 65 2e 63 2e 73 65 74 75 70 3d 41 61 3b 7d 29 2e 63 61 6c 6c Data Ascii: (d);d.g.setAttribute("data-atf",String(f));return y&&!d.B&&(!d.l\|\|d.F\|\|!!(E(d)&1))}function c(d){y&&z("iml",d\|\|a);google.c.u("iml")}X\|\|(google.c.b("iml"),function(){S(b,function(){},c)}(0),X=!0)};google.c.ub=function(){};if(!x\|\|w)google.c.setup=Aa;}).call

Timestamp	Bytes transferred	Direction	Data
2025-01-07 17:01:45 UTC	1730	OUT	GET /xjs/_/ss/k=xjs.hd.5207TriCDrQ.L.B1.O/am=CEgVAAAAAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAICgOwEAwAAAdgECBAAAQABgAAAEAQiAAAAhAAEIwAoAAIAAoAQAgAMAAgAKAAAAgRVAAgjIAQAlAAk98wGAAgEACAAIAAaQQUMgKgChABAAAAAAAABAAAAAwBAAAgEAOgACwAAQCQCA6IEAAAAAAIIAADABAIaBAQgAAAAAAACQAQAAAAwpIAAAAAAAAAAAAAAAAABAEAwFABQEAAAAAAAAAAAAAAAAAACAQBME/d=1/ed=1/br=1/rs=ACT90oFXTAKT0iRxi7XVLRJKsE0D30pDHA/m=cdos,hsm,jsa,mb4ZUb,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl,YV5bee,d,csi HTTP/1.1 Host: www.google.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.132" sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-prefers-color-scheme: light sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiUocsBCJz+zAEIhaDNAQjcvc0BCJDKzQEIucrNAQii0c0BCIrTzQEIntbNAQin2M0BCPnA1BUY9snNARi60s0BGOuNpRc= Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://www.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: AEC=AZ6Zc-V3NDzY5GD-odoGC5HMfGXBe0BBilPReFewzLkpj5KY7t6I9Lcw0w; NID=520=dR0wKL5p6kLfAaRxqSJg0ZivkU7sgFycU7YRbaVrEsU6oGOCya0-3V2yRIiDcMcv2cVU78_-N-VbE8w_k4-eXmeIFKXUFsBQw70fjY4zx8waVpper0QPRWWXBV0SK9TRPbs-ftc-aeTmAb1QP-nr1-IcN30Mbz6z0UF1g49fa08RmFbe6GRQn7k9ZEYDpUPtq4NN8FsC
2025-01-07 17:01:45 UTC	809	IN	HTTP/1.1 200 OK Accept-Ranges: bytes Vary: Accept-Encoding, Origin Content-Type: text/css; charset=UTF-8 Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gws-team Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy: same-origin; report-to="gws-team" Report-To: {"group":"gws-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws-team"}]} Content-Length: 7763 Date: Tue, 07 Jan 2025 17:01:45 GMT Expires: Wed, 07 Jan 2026 17:01:45 GMT Cache-Control: public, immutable, max-age=31536000 Last-Modified: Tue, 17 Dec 2024 20:03:53 GMT X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2025-01-07 17:01:45 UTC	581	IN	Data Raw: 3a 72 6f 6f 74 7b 2d 2d 43 4f 45 6d 59 3a 23 31 66 31 66 31 66 3b 2d 2d 78 68 55 47 77 63 3a 23 66 66 66 7d 3a 72 6f 6f 74 7b 2d 2d 76 5a 65 30 6a 62 3a 23 61 38 63 37 66 61 3b 2d 2d 6e 77 58 6f 62 62 3a 23 36 33 38 65 64 34 3b 2d 2d 56 75 5a 58 42 64 3a 23 30 30 31 64 33 35 3b 2d 2d 75 4c 7a 33 37 63 3a 23 35 34 35 64 37 65 3b 2d 2d 6a 49 4e 75 36 63 3a 23 30 30 31 64 33 35 3b 2d 2d 54 79 56 59 6c 64 3a 23 30 62 35 37 64 30 3b 2d 2d 5a 45 70 50 6d 64 3a 23 63 33 64 39 66 62 3b 2d 2d 51 57 61 61 61 66 3a 23 36 33 38 65 64 34 3b 2d 2d 44 45 65 53 74 66 3a 23 66 35 66 38 66 66 3b 2d 2d 54 53 57 5a 49 62 3a 23 65 35 65 64 66 66 3b 2d 2d 42 52 4c 77 45 3a 23 64 33 65 33 66 64 3b 2d 2d 67 53 35 6a 58 62 3a 23 64 61 64 63 65 30 3b 2d 2d 41 71 6e 37 78 64 3a 23 Data Ascii: :root{--COEmY:#1f1f1f;--xhUGwc:#fff}:root{--vZe0jb:#a8c7fa;--nwXobb:#638ed4;--VuZXBd:#001d35;--uLz37c:#545d7e;--jINu6c:#001d35;--TyVYld:#0b57d0;--ZEpPmd:#c3d9fb;--QWaaaf:#638ed4;--DEeStf:#f5f8ff;--TSWZIb:#e5edff;--BRLwE:#d3e3fd;--gS5jXb:#dadce0;--Aqn7xd:#
2025-01-07 17:01:45 UTC	1390	IN	Data Raw: 7d 2e 41 42 4d 46 5a 7b 74 72 61 6e 73 69 74 69 6f 6e 3a 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 20 31 30 30 6d 73 2c 76 69 73 69 62 69 6c 69 74 79 20 30 73 20 32 35 30 6d 73 3b 70 6f 73 69 74 69 6f 6e 3a 66 69 78 65 64 3b 76 69 73 69 62 69 6c 69 74 79 3a 68 69 64 64 65 6e 3b 69 6e 73 65 74 3a 30 7d 2e 6a 62 42 49 74 66 7b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 7d 2e 44 55 30 4e 4a 7b 62 6f 74 74 6f 6d 3a 30 3b 6c 65 66 74 3a 30 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 72 69 67 68 74 3a 30 3b 74 6f 70 3a 30 7d 2e 6c 50 33 4a 6f 66 7b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 7d 2e 6e 4e 4d 75 4f 64 7b 61 6e Data Ascii: }.ABMFZ{transition:background-color 100ms,visibility 0s 250ms;position:fixed;visibility:hidden;inset:0}.jbBItf{display:block;position:relative}.DU0NJ{bottom:0;left:0;position:absolute;right:0;top:0}.lP3Jof{display:inline-block;position:relative}.nNMuOd{an
2025-01-07 17:01:45 UTC	1390	IN	Data Raw: 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 35 34 30 64 65 67 29 7d 36 32 2e 35 25 7b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 36 37 35 64 65 67 29 7d 37 35 25 7b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 38 31 30 64 65 67 29 7d 38 37 2e 35 25 7b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 39 34 35 64 65 67 29 7d 31 30 30 25 7b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 33 74 75 72 6e 29 7d 7d 40 6b 65 79 66 72 61 6d 65 73 20 71 6c 69 2d 62 6c 75 65 2d 66 61 64 65 2d 69 6e 2d 6f 75 74 7b 30 25 7b 6f 70 61 63 69 74 79 3a 30 2e 39 39 7d 32 35 25 7b 6f 70 61 63 69 74 79 3a 30 2e 39 39 7d 32 36 25 7b 6f 70 61 63 69 74 79 3a 30 7d 38 39 25 7b 6f 70 61 63 69 74 79 3a 30 7d 39 30 25 7b 6f 70 61 63 69 74 79 3a 30 2e 39 39 7d 31 Data Ascii: ansform:rotate(540deg)}62.5%{transform:rotate(675deg)}75%{transform:rotate(810deg)}87.5%{transform:rotate(945deg)}100%{transform:rotate(3turn)}}@keyframes qli-blue-fade-in-out{0%{opacity:0.99}25%{opacity:0.99}26%{opacity:0}89%{opacity:0}90%{opacity:0.99}1
2025-01-07 17:01:45 UTC	735	IN	Data Raw: 62 20 2e 74 53 33 50 35 7b 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 2d 63 6f 6c 6f 72 3a 74 72 61 6e 73 70 61 72 65 6e 74 7d 2e 47 67 54 4a 57 65 20 2e 6e 4e 4d 75 4f 64 20 2e 4a 37 75 75 55 65 7b 61 6e 69 6d 61 74 69 6f 6e 3a 71 6c 69 2d 6c 65 66 74 2d 73 70 69 6e 20 31 33 33 33 6d 73 20 63 75 62 69 63 2d 62 65 7a 69 65 72 28 30 2e 34 2c 30 2c 30 2e 32 2c 31 29 20 69 6e 66 69 6e 69 74 65 20 62 6f 74 68 7d 2e 47 67 54 4a 57 65 20 2e 6e 4e 4d 75 4f 64 20 2e 73 44 50 49 43 7b 61 6e 69 6d 61 74 69 6f 6e 3a 71 6c 69 2d 72 69 67 68 74 2d 73 70 69 6e 20 31 33 33 33 6d 73 20 63 75 62 69 63 2d 62 65 7a 69 65 72 28 30 2e 34 2c 30 2c 30 2e 32 2c 31 29 20 69 6e 66 69 6e 69 74 65 20 62 6f 74 68 7d 2e 42 53 6e 4c 62 20 2e 6e 4e 4d 75 4f 64 20 2e 4a 37 75 75 55 65 7b 61 Data Ascii: b .tS3P5{border-bottom-color:transparent}.GgTJWe .nNMuOd .J7uuUe{animation:qli-left-spin 1333ms cubic-bezier(0.4,0,0.2,1) infinite both}.GgTJWe .nNMuOd .sDPIC{animation:qli-right-spin 1333ms cubic-bezier(0.4,0,0.2,1) infinite both}.BSnLb .nNMuOd .J7uuUe{a
2025-01-07 17:01:45 UTC	1390	IN	Data Raw: 6b 65 79 66 72 61 6d 65 73 20 71 6c 69 2d 72 69 67 68 74 2d 73 70 69 6e 7b 30 25 7b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 2d 31 33 30 64 65 67 29 7d 35 30 25 7b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 35 64 65 67 29 7d 31 30 30 25 7b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 2d 31 33 30 64 65 67 29 7d 7d 2e 56 44 67 56 69 65 7b 74 65 78 74 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 7d 2e 79 55 54 4d 6a 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 52 6f 62 6f 74 6f 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 34 30 30 7d 2e 7a 4a 55 75 71 66 7b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 34 70 78 7d 2e 41 42 34 57 66 66 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 31 36 70 78 7d 2e 4f 68 53 63 69 Data Ascii: keyframes qli-right-spin{0%{transform:rotate(-130deg)}50%{transform:rotate(5deg)}100%{transform:rotate(-130deg)}}.VDgVie{text-align:center}.yUTMj{font-family:Roboto,Arial,sans-serif;font-weight:400}.zJUuqf{margin-bottom:4px}.AB4Wff{margin-left:16px}.OhSci
2025-01-07 17:01:45 UTC	1390	IN	Data Raw: 6f 74 68 7d 2e 54 78 6e 67 6e 62 2e 54 78 6e 67 6e 62 7b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 32 30 70 78 7d 2e 54 78 6e 67 6e 62 7b 63 6f 6c 6f 72 3a 23 66 66 66 3b 66 6c 65 78 3a 31 20 31 20 61 75 74 6f 3b 6d 61 72 67 69 6e 3a 31 34 70 78 20 30 3b 77 6f 72 64 2d 62 72 65 61 6b 3a 62 72 65 61 6b 2d 77 6f 72 64 7d 2e 73 48 46 4e 59 64 7b 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 2d 38 70 78 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 35 36 39 70 78 29 20 61 6e 64 20 28 6d 69 6e 2d 68 65 69 67 68 74 3a 35 36 39 70 78 29 7b 2e 4c 48 33 77 47 2c 2e 6a 68 5a 76 6f 64 7b 74 65 78 74 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 7d 2e 57 75 30 76 39 62 2c 2e 79 4b 36 6a 71 65 7b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 6d 61 78 2d 77 69 Data Ascii: oth}.Txngnb.Txngnb{line-height:20px}.Txngnb{color:#fff;flex:1 1 auto;margin:14px 0;word-break:break-word}.sHFNYd{margin-right:-8px}@media (min-width:569px) and (min-height:569px){.LH3wG,.jhZvod{text-align:center}.Wu0v9b,.yK6jqe{display:inline-block;max-wi
2025-01-07 17:01:45 UTC	887	IN	Data Raw: 72 3d 72 74 6c 5d 20 2e 74 59 6d 66 78 65 7b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 28 2d 32 2e 35 70 78 2c 31 2e 38 70 78 29 20 72 6f 74 61 74 65 5a 28 34 35 64 65 67 29 7d 2e 49 42 50 5a 75 2e 74 59 6d 66 78 65 7b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 28 32 2e 35 70 78 2c 2d 35 2e 37 70 78 29 20 72 6f 74 61 74 65 5a 28 34 35 64 65 67 29 7d 5b 64 69 72 3d 72 74 6c 5d 20 2e 49 42 50 5a 75 2e 74 59 6d 66 78 65 7b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 28 2d 32 2e 35 70 78 2c 2d 35 2e 37 70 78 29 20 72 6f 74 61 74 65 5a 28 34 35 64 65 67 29 7d 2e 6f 51 63 50 74 7b 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 6e 6f 6e 65 3b 62 6f 72 64 65 72 2d 6c 65 66 74 3a 31 70 78 20 73 6f 6c 69 64 20 72 67 62 61 28 30 Data Ascii: r=rtl] .tYmfxe{transform:translate(-2.5px,1.8px) rotateZ(45deg)}.IBPZu.tYmfxe{transform:translate(2.5px,-5.7px) rotateZ(45deg)}[dir=rtl] .IBPZu.tYmfxe{transform:translate(-2.5px,-5.7px) rotateZ(45deg)}.oQcPt{border-bottom:none;border-left:1px solid rgba(0

Timestamp	Bytes transferred	Direction	Data
2025-01-07 17:01:45 UTC	1388	OUT	GET /images/branding/googlelogo/1x/googlelogo_color_272x92dp.png HTTP/1.1 Host: www.google.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.132" sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-prefers-color-scheme: light sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiUocsBCJz+zAEIhaDNAQjcvc0BCJDKzQEIucrNAQii0c0BCIrTzQEIntbNAQin2M0BCPnA1BUY9snNARi60s0BGOuNpRc= Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: AEC=AZ6Zc-V3NDzY5GD-odoGC5HMfGXBe0BBilPReFewzLkpj5KY7t6I9Lcw0w; NID=520=dR0wKL5p6kLfAaRxqSJg0ZivkU7sgFycU7YRbaVrEsU6oGOCya0-3V2yRIiDcMcv2cVU78_-N-VbE8w_k4-eXmeIFKXUFsBQw70fjY4zx8waVpper0QPRWWXBV0SK9TRPbs-ftc-aeTmAb1QP-nr1-IcN30Mbz6z0UF1g49fa08RmFbe6GRQn7k9ZEYDpUPtq4NN8FsC
2025-01-07 17:01:45 UTC	671	IN	HTTP/1.1 200 OK Accept-Ranges: bytes Content-Type: image/png Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable" Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} Content-Length: 5969 Date: Tue, 07 Jan 2025 17:01:45 GMT Expires: Tue, 07 Jan 2025 17:01:45 GMT Cache-Control: private, max-age=31536000 Last-Modified: Tue, 22 Oct 2019 18:30:00 GMT X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2025-01-07 17:01:45 UTC	719	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 01 10 00 00 00 5c 08 06 00 00 00 a6 e7 ea b6 00 00 17 18 49 44 41 54 78 01 ed 5d 0b 94 1c 55 99 be 3a d3 81 c0 2e 82 c2 2a 82 08 12 10 90 05 92 aa 9a 84 90 d8 5d b7 7b b2 41 e2 41 81 28 b8 bb 0a 08 8a 1b 5c 84 98 05 e5 31 9a ae 9a 09 89 c0 02 0a 41 40 36 e1 81 06 17 10 1f 90 cc 24 01 f4 08 28 c8 43 58 58 7c 10 1e 64 fa 11 92 49 55 75 1e 99 64 7a ef b7 e6 b8 a4 b7 67 e6 bf d5 75 bb aa 87 fb 9d 73 4f e7 31 d3 d3 67 ea d6 57 ff fd ff ef ff 7e 16 07 66 76 ad db 2b ed 54 4c ee 7a a7 71 d7 9f 63 bb c1 65 b6 eb 3b dc f1 7b c4 df e7 8b bf 5f 22 d6 b9 d9 ee 60 56 da f5 8f 4e 77 55 77 67 1a 1a 1a ef 4c a4 7b 36 1f cc 9d ca 79 dc 0d ee b2 5d ff cf e2 b5 2a b3 32 79 6f bb 78 7d 5e 7c ef cd dc f5 ff 29 dd e5 ed cb Data Ascii: PNGIHDR\IDATx]U:.]{AA(\1A@6$(CXX\|dIUudzgusO1gW~fv+TLzqce;{_"`VNwUwgL{6y]2yox}^\|)
2025-01-07 17:01:45 UTC	1390	IN	Data Raw: 43 84 69 68 68 02 89 07 5d 5d d5 77 73 d7 7f 4c 92 3c e6 31 0d 0d 0d 4d 20 82 0c 3e 2f 79 6c b9 86 1e 79 68 68 8c 59 68 02 99 79 ed d0 6e dc f5 d6 48 94 69 57 21 d9 ca 34 34 34 34 81 70 27 38 47 82 3c d6 a1 8c ca 34 34 34 34 81 20 f7 21 d3 24 27 92 95 5f 60 80 86 86 86 26 10 f4 ba c8 68 3d 40 38 0c d0 d0 d0 d0 04 c2 f3 c1 9d 54 02 41 6f 0c 03 34 34 34 34 81 a0 23 96 da 69 9b 71 fd 27 74 d5 a5 75 a0 a1 09 a4 da c5 de 8d c5 54 01 e2 2b 6a f4 41 53 79 6a 54 d3 e9 f6 75 dc e8 28 66 cd 79 c5 ac 75 77 81 1b bf 2d 65 8d 42 c9 b6 2a 85 ac 35 84 57 fc 1d ff 2e fe ff ae a2 6d 7e bd 9c 35 2d 7c 5f 22 3e ff 6a d6 be ad af bd 63 5b 6f fb bc 6d 2b da ef 1e ec 4b fd 76 eb 8a 54 61 6b 5f aa 22 fe 5c 15 7f 1e 14 ab 3c d8 db f6 8c f8 ba 1f 89 75 b1 f8 da e3 f1 7d 2c 01 c0 Data Ascii: Cihh]]wsL<1M >/ylyhhYhynHiW!4444p'8G<4444 !$'_`&h=@8TAo4444#iq'tuT+jASyjTu(fyuw-eB*5W.m~5-\|_">jc[om+KvTak_"\<u},
2025-01-07 17:01:45 UTC	1390	IN	Data Raw: 43 0f b1 f7 8a 23 ce 72 99 ca cc 96 87 c6 1d 31 aa d5 c4 4e b1 23 71 fd 11 92 83 b0 09 5a 54 77 92 40 20 90 a4 4b 44 a3 cf 23 ca 0d 59 51 5c 48 8c 42 9e c5 91 aa 36 2c bc 92 96 44 f5 1e 1c f3 11 88 13 5c 3c cc 85 5c 2a 71 21 ef ad 1a 46 8a 35 80 ea ec a3 c6 15 b3 d6 4f 24 7e e6 6d 6c 04 88 68 62 89 c4 b1 e2 9e 46 fb 59 aa 4f b2 94 78 9f fb 24 a2 9d 11 f3 6b 19 c7 3b 55 86 3c a6 3b c1 fe ac 01 80 7c 32 6e f0 56 d3 09 a4 f6 98 91 b5 7c 62 14 fa 5f 88 56 1a e9 db c2 51 9b f2 b3 10 55 d7 3a b0 cf 25 26 51 5f 1e eb 04 62 77 07 5f 67 35 28 e7 26 7e 90 aa f7 28 64 cd 27 11 16 32 02 68 6a 43 e3 19 a2 c8 6c 10 99 fa ba 11 c1 83 6c 7f b2 de 63 45 ea 09 91 93 d8 8d 45 80 a1 5f b3 f1 22 2f f2 3b 6a 14 32 b4 62 fc b0 ee 76 f0 9f 21 b6 5a 78 c8 75 b0 08 20 f6 c2 8c 38 Data Ascii: C#r1N#qZTw@ KD#YQ\HB6,D\<\*q!F5O$~mlhbFYOx$k;U<;\|2nV\|b_VQU:%&Q_bw_g5(&~(d'2hjCllcEE_"/;j2bv!Zxu 8
2025-01-07 17:01:45 UTC	1390	IN	Data Raw: 0d 7f e3 9a a7 13 2f d6 0f 98 42 60 68 10 d1 bf f2 33 ec 6d d8 de 97 3a 9d 56 3e 6d bb 45 71 19 f7 0e ca e7 c0 e7 dd c5 81 2c bf f9 10 e2 3e 7c 89 29 42 6e be 77 64 93 85 64 d8 77 3d 0d 3a f8 3f 02 43 21 9a cc 5d 01 30 40 4a 72 86 c6 d2 d9 cb aa 6d 2c 01 80 7a 51 90 da 6f c9 47 31 a7 72 f2 b0 12 e0 f4 e4 83 89 5d b8 eb c3 74 e1 52 65 c8 d4 b6 ee da 27 cd e6 d5 bb 1d 4c ac 7e bc 25 5a f8 95 7c 7e e4 57 44 72 d4 a3 7c 8e cd cb 77 3b a4 f6 e9 4f 95 17 a0 08 c0 14 00 1a 93 a6 2b 51 73 e6 29 21 88 c3 2f 71 eb 7b 30 5f 8e ff 26 5c 18 7c 40 90 c8 7a c9 6e d6 65 18 f2 c3 62 c4 cc ae 75 7b 71 37 78 44 22 7a 7a 7a b4 06 2c 6a b7 62 39 6b 7e 49 51 33 dd bf 12 37 d0 1f ea 3b b0 b7 bd 42 24 91 73 14 4d bc fb 2a e5 e7 e3 73 d6 73 3f e3 f9 e0 4e 62 1e eb 56 05 f3 75 db Data Ascii: /B`h3m:V>mEq,>\|)Bnwddw=:?C!]0@Jrm,zQoG1r]tRe'L~%Z\|~WDr\|w;O+Qs)!/q{0_&\\|@znebu{q7xD"zzz,jb9k~IQ37;B$sM*ss?NbVu
2025-01-07 17:01:45 UTC	1080	IN	Data Raw: 35 71 cf fd be 90 35 3f c2 54 03 c2 2c 54 56 70 03 c7 73 5c 81 fd bf b7 04 19 75 d6 44 94 b2 1d 27 29 0e 2d 51 3e 5b 8b 11 13 4c 01 44 27 ee 49 22 09 da af 92 38 f0 fe 98 f4 af 46 4c 58 b1 60 2b a1 60 3f 55 60 54 04 55 75 92 08 04 78 79 e6 84 dd f0 30 41 45 44 2d 79 98 37 10 12 a6 d1 13 09 ca a5 b6 eb bd d6 ac 88 03 ea 43 94 7e 59 93 51 33 08 79 11 ca aa 51 db ce 95 b2 e6 95 aa 1b a5 44 3e 62 2f 11 1d 2c c2 78 cb 48 89 03 ef 87 a8 03 93 fe 15 02 33 61 6c d7 ff 56 54 0f af bf 54 1a fd 63 98 00 85 40 90 a8 57 42 20 84 36 8b 02 b7 1e 8e 9a 38 10 e1 14 73 c6 34 16 27 a0 04 84 f0 cb 76 fc 5b b8 1b 94 23 26 8d 6d f0 21 e1 4e 70 4e 6e c1 7a 85 9b 53 be 09 a9 c4 ad 6e 44 24 8d 46 1c c5 ac e9 d4 cc e2 50 0e e8 3d c4 8d df dd 68 44 b2 b3 81 ae 07 fa 90 66 77 91 43 Data Ascii: 5q5?T,TVps\uD')-Q>[LD'I"8FLX`+`?U`TUuxy0AED-y7C~YQ3yQD>b/,xH3alVTTc@WB 68s4'v[#&m!NpNnzSnD$FP=hDfwC

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report FACTURAMAIL.html

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Signatures

Sigma Signatures

Suricata Signatures

Joe Sandbox Signatures

AV Detection

Phishing

Compliance

Networking

System Summary

HIPS / PFW / Operating System Protection Evasion

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Simulations

Behavior and APIs

LLM Input / Output

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

Chrome Cache Entry: 235

Chrome Cache Entry: 236

Chrome Cache Entry: 237

Chrome Cache Entry: 238

Chrome Cache Entry: 239

Chrome Cache Entry: 240

Chrome Cache Entry: 241

Chrome Cache Entry: 242

Chrome Cache Entry: 243

Chrome Cache Entry: 244

Chrome Cache Entry: 245

Chrome Cache Entry: 246

Chrome Cache Entry: 247

Chrome Cache Entry: 248

Chrome Cache Entry: 249

Chrome Cache Entry: 250

Chrome Cache Entry: 251

Chrome Cache Entry: 252

Chrome Cache Entry: 253

Chrome Cache Entry: 254

Chrome Cache Entry: 255

Chrome Cache Entry: 256

Chrome Cache Entry: 257

Chrome Cache Entry: 258

Chrome Cache Entry: 259

Chrome Cache Entry: 260

Windows Analysis Report
FACTURAMAIL.html

Timestamp	Bytes transferred	Direction	Data
2025-01-07 17:01:45 UTC	3967	OUT	GET /xjs/_/js/k=xjs.hd.en_US.JtqAkOlSgkU.es5.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAACgAAAAAAQAAAAABAAAQAAAAAAEAQiCAAAgAAAAwAIAAAQDgAAAAAIAABAAwKNMARAgAgAAAAAgAIAAwgIAABAAAAAIAAAAAAAAKAAAAAAACAAAAAAAAAAAQIAAAAAAAAAAAAAAAQAA6AEAAAAAAAAABAQAAIaBAQgAAAAAAAD0AUDwAAwpLAAAAAAAAAAAAAAAAARIEMyFBBQEIAAAAAAAAAAAAAAAAACASBMXNg/d=1/ed=1/dg=3/br=1/rs=ACT90oHeywv9r6nrNzHuDsA-SeQ0P55qWw/ee=ALeJib:B8gLwd;AfeaP:TkrAjf;BMxAGc:E5bFse;BgS6mb:fidj5d;BjwMce:cXX2Wb;CxXAWb:YyRLvc;DULqB:RKfG5c;Dkk6ge:JZmW9e;DpcR3d:zL72xf;EABSZ:MXZt9d;ESrPQc:mNTJvc;EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;EnlcNd:WeHg4;F9mqte:UoRcbe;Fmv9Nc:O1Tzwc;G0KhTb:LIaoZ;G6wU6e:hezEbd;GleZL:J1A7Od;HMDDWe:G8QUdb;HoYVKb:PkDN7e;HqeXPd:cmbnH;IBADCc:RYquRb;IoGlCf:b5lhvb;IsdWVc:qzxzOb;JXJSm:ii1RGf;JXS8fb:Qj0suc;JbMT3:M25sS;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;KOxcK:OZqGte;KQzWid:ZMKkN;KcokUb:KiuZBf;KpRAue:Tia57b;LBgRLc:SdcwHb,XVMNvd;LEikZe:byfTOb,lsjVmc;LXA8b:q7OdKd;LsNahb:ucGLNb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Np8Qkd:Dpx6qc;Nyt6ic:jn2sGd;OgagBe:cNTe0;OohIYe:mpEAQb;Pjp [TRUNCATED] Host: www.google.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.132" sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-prefers-color-scheme: light sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: / X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiUocsBCJz+zAEIhaDNAQjcvc0BCJDKzQEIucrNAQii0c0BCIrTzQEIntbNAQin2M0BCPnA1BUY9snNARi60s0BGOuNpRc= Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: AEC=AZ6Zc-V3NDzY5GD-odoGC5HMfGXBe0BBilPReFewzLkpj5KY7t6I9Lcw0w; NID=520=dR0wKL5p6kLfAaRxqSJg0ZivkU7sgFycU7YRbaVrEsU6oGOCya0-3V2yRIiDcMcv2cVU78_-N-VbE8w_k4-eXmeIFKXUFsBQw70fjY4zx8waVpper0QPRWWXBV0SK9TRPbs-ftc-aeTmAb1QP-nr1-IcN30Mbz6z0UF1g49fa08RmFbe6GRQn7k9ZEYDpUPtq4NN8FsC
2025-01-07 17:01:45 UTC	831	IN	HTTP/1.1 200 OK Accept-Ranges: bytes Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gws-team Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy: same-origin; report-to="gws-team" Report-To: {"group":"gws-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws-team"}]} Content-Length: 1152647 X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Date: Tue, 07 Jan 2025 04:39:24 GMT Expires: Wed, 07 Jan 2026 04:39:24 GMT Cache-Control: public, immutable, max-age=31536000 Last-Modified: Mon, 06 Jan 2025 20:14:51 GMT Content-Type: text/javascript; charset=UTF-8 Vary: Accept-Encoding, Origin Age: 44541 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2025-01-07 17:01:45 UTC	559	IN	Data Raw: 74 68 69 73 2e 5f 68 64 3d 74 68 69 73 2e 5f 68 64 7c 7c 7b 7d 3b 28 66 75 6e 63 74 69 6f 6e 28 5f 29 7b 76 61 72 20 77 69 6e 64 6f 77 3d 74 68 69 73 3b 0a 74 72 79 7b 0a 2f 2a 0a 0a 20 43 6f 70 79 72 69 67 68 74 20 54 68 65 20 43 6c 6f 73 75 72 65 20 4c 69 62 72 61 72 79 20 41 75 74 68 6f 72 73 2e 0a 20 53 50 44 58 2d 4c 69 63 65 6e 73 65 2d 49 64 65 6e 74 69 66 69 65 72 3a 20 41 70 61 63 68 65 2d 32 2e 30 0a 2a 2f 0a 2f 2a 0a 0a 20 43 6f 70 79 72 69 67 68 74 20 47 6f 6f 67 6c 65 20 4c 4c 43 0a 20 53 50 44 58 2d 4c 69 63 65 6e 73 65 2d 49 64 65 6e 74 69 66 69 65 72 3a 20 41 70 61 63 68 65 2d 32 2e 30 0a 2a 2f 0a 2f 2a 0a 0a 20 43 6f 70 79 72 69 67 68 74 20 32 30 32 34 20 47 6f 6f 67 6c 65 2c 20 49 6e 63 0a 20 53 50 44 58 2d 4c 69 63 65 6e 73 65 2d 49 64 Data Ascii: this._hd=this._hd\|\|{};(function(_){var window=this;try{/* Copyright The Closure Library Authors. SPDX-License-Identifier: Apache-2.0// Copyright Google LLC SPDX-License-Identifier: Apache-2.0// Copyright 2024 Google, Inc SPDX-License-Id
2025-01-07 17:01:45 UTC	1390	IN	Data Raw: 61 2c 64 63 61 2c 68 63 61 2c 6a 63 61 2c 75 63 61 2c 76 63 61 2c 77 63 61 2c 78 63 61 2c 79 63 61 2c 72 63 61 2c 7a 63 61 2c 6f 63 61 2c 41 63 61 2c 6e 63 61 2c 70 63 61 2c 71 63 61 2c 42 63 61 2c 43 63 61 2c 44 63 61 2c 46 63 61 2c 4f 63 61 2c 50 63 61 2c 54 63 61 2c 55 63 61 2c 59 63 61 2c 61 64 61 2c 56 63 61 2c 24 63 61 2c 5a 63 61 2c 58 63 61 2c 57 63 61 2c 62 64 61 2c 63 64 61 2c 64 64 61 2c 66 64 61 2c 6b 64 61 2c 6c 64 61 2c 74 64 61 2c 75 64 61 2c 76 64 61 2c 77 64 61 2c 78 64 61 2c 79 64 61 2c 6d 64 61 2c 7a 64 61 2c 43 64 61 2c 45 64 61 2c 44 64 61 2c 47 64 61 2c 49 64 61 2c 48 64 61 2c 4b 64 61 2c 4a 64 61 2c 4e 64 61 2c 4d 64 61 2c 4f 64 61 2c 53 64 61 2c 54 64 61 2c 57 64 61 2c 59 64 61 2c 61 65 61 2c 62 65 61 2c 65 65 61 2c 45 62 2c 6b 65 Data Ascii: a,dca,hca,jca,uca,vca,wca,xca,yca,rca,zca,oca,Aca,nca,pca,qca,Bca,Cca,Dca,Fca,Oca,Pca,Tca,Uca,Yca,ada,Vca,$ca,Zca,Xca,Wca,bda,cda,dda,fda,kda,lda,tda,uda,vda,wda,xda,yda,mda,zda,Cda,Eda,Dda,Gda,Ida,Hda,Kda,Jda,Nda,Mda,Oda,Sda,Tda,Wda,Yda,aea,bea,eea,Eb,ke
2025-01-07 17:01:45 UTC	1390	IN	Data Raw: 6a 76 61 2c 6b 76 61 2c 6c 76 61 2c 6d 76 61 2c 76 76 61 2c 75 76 61 2c 43 76 61 2c 45 76 61 2c 44 76 61 2c 46 76 61 2c 4e 76 61 2c 4f 76 61 2c 52 76 61 2c 4c 76 61 2c 55 76 61 2c 56 76 61 2c 65 77 61 2c 6c 77 61 2c 6d 77 61 2c 6e 77 61 2c 72 77 61 2c 71 77 61 2c 74 77 61 2c 73 77 61 2c 75 77 61 2c 77 77 61 2c 7a 77 61 2c 43 77 61 2c 44 77 61 2c 47 77 61 2c 48 77 61 2c 49 77 61 2c 4c 77 61 2c 4a 77 61 2c 56 77 61 2c 55 77 61 2c 57 77 61 2c 24 77 61 2c 6d 78 61 2c 6e 78 61 2c 6f 78 61 2c 6c 78 61 2c 71 78 61 2c 72 78 61 2c 73 78 61 2c 74 78 61 2c 75 78 61 2c 76 78 61 2c 43 78 61 2c 45 78 61 2c 46 78 61 2c 47 78 61 2c 48 78 61 2c 49 78 61 2c 4a 78 61 2c 4b 78 61 2c 50 78 61 2c 53 78 61 2c 56 78 61 2c 58 78 61 2c 5a 78 61 2c 63 79 61 2c 64 79 61 2c 65 79 61 Data Ascii: jva,kva,lva,mva,vva,uva,Cva,Eva,Dva,Fva,Nva,Ova,Rva,Lva,Uva,Vva,ewa,lwa,mwa,nwa,rwa,qwa,twa,swa,uwa,wwa,zwa,Cwa,Dwa,Gwa,Hwa,Iwa,Lwa,Jwa,Vwa,Uwa,Wwa,$wa,mxa,nxa,oxa,lxa,qxa,rxa,sxa,txa,uxa,vxa,Cxa,Exa,Fxa,Gxa,Hxa,Ixa,Jxa,Kxa,Pxa,Sxa,Vxa,Xxa,Zxa,cya,dya,eya
2025-01-07 17:01:45 UTC	1390	IN	Data Raw: 2b 5d 3d 66 3e 3e 31 32 7c 32 32 34 3b 64 5b 63 2b 2b 5d 3d 66 3e 3e 36 26 36 33 7c 31 32 38 7d 64 5b 63 2b 2b 5d 3d 66 26 36 33 7c 31 32 38 7d 7d 61 3d 63 3d 3d 3d 64 2e 6c 65 6e 67 74 68 3f 64 3a 64 2e 73 75 62 61 72 72 61 79 28 30 2c 63 29 7d 72 65 74 75 72 6e 20 61 7d 3b 5f 2e 64 61 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 5f 2e 63 61 2e 73 65 74 54 69 6d 65 6f 75 74 28 66 75 6e 63 74 69 6f 6e 28 29 7b 74 68 72 6f 77 20 61 3b 7d 2c 30 29 7d 3b 5f 2e 65 61 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 61 3d 5f 2e 63 61 2e 6e 61 76 69 67 61 74 6f 72 3b 72 65 74 75 72 6e 20 61 26 26 28 61 3d 61 2e 75 73 65 72 41 67 65 6e 74 29 3f 61 3a 22 22 7d 3b 69 61 61 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 5f 2e 68 61 61 3f 5f 2e 66 61 3f 5f 2e Data Ascii: +]=f>>12\|224;d[c++]=f>>6&63\|128}d[c++]=f&63\|128}}a=c===d.length?d:d.subarray(0,c)}return a};_.da=function(a){_.ca.setTimeout(function(){throw a;},0)};_.ea=function(){var a=_.ca.navigator;return a&&(a=a.userAgent)?a:""};iaa=function(a){return _.haa?_.fa?_.
2025-01-07 17:01:45 UTC	1390	IN	Data Raw: 7b 72 65 74 75 72 6e 20 62 5b 63 2e 66 69 6e 64 28 66 75 6e 63 74 69 6f 6e 28 64 29 7b 72 65 74 75 72 6e 20 64 20 69 6e 20 62 7d 29 5d 7c 7c 22 22 7d 7d 3b 5f 2e 74 61 61 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 76 61 72 20 62 3d 2f 72 76 3a 20 2a 28 5b 5c 64 5c 2e 5d 2a 29 2f 2e 65 78 65 63 28 61 29 3b 69 66 28 62 26 26 62 5b 31 5d 29 72 65 74 75 72 6e 20 62 5b 31 5d 3b 62 3d 22 22 3b 76 61 72 20 63 3d 2f 4d 53 49 45 20 2b 28 5b 5c 64 5c 2e 5d 2b 29 2f 2e 65 78 65 63 28 61 29 3b 69 66 28 63 26 26 63 5b 31 5d 29 69 66 28 61 3d 2f 54 72 69 64 65 6e 74 5c 2f 28 5c 64 2e 5c 64 29 2f 2e 65 78 65 63 28 61 29 2c 63 5b 31 5d 3d 3d 22 37 2e 30 22 29 69 66 28 61 26 26 61 5b 31 5d 29 73 77 69 74 63 68 28 61 5b 31 5d 29 7b 63 61 73 65 20 22 34 2e 30 22 3a 62 3d 22 38 Data Ascii: {return b[c.find(function(d){return d in b})]\|\|""}};_.taa=function(a){var b=/rv: ([\d\.])/.exec(a);if(b&&b[1])return b[1];b="";var c=/MSIE +([\d\.]+)/.exec(a);if(c&&c[1])if(a=/Trident\/(\d.\d)/.exec(a),c[1]=="7.0")if(a&&a[1])switch(a[1]){case "4.0":b="8
2025-01-07 17:01:45 UTC	1390	IN	Data Raw: 79 61 61 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 77 61 61 28 29 3f 5f 2e 66 61 2e 70 6c 61 74 66 6f 72 6d 3d 3d 3d 22 6d 61 63 4f 53 22 3a 5f 2e 69 61 28 22 4d 61 63 69 6e 74 6f 73 68 22 29 7d 3b 5f 2e 7a 61 61 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 77 61 61 28 29 3f 5f 2e 66 61 2e 70 6c 61 74 66 6f 72 6d 3d 3d 3d 22 4c 69 6e 75 78 22 3a 5f 2e 69 61 28 22 4c 69 6e 75 78 22 29 7d 3b 5f 2e 41 61 61 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 77 61 61 28 29 3f 5f 2e 66 61 2e 70 6c 61 74 66 6f 72 6d 3d 3d 3d 22 57 69 6e 64 6f 77 73 22 3a 5f 2e 69 61 28 22 57 69 6e 64 6f 77 73 22 29 7d 3b 42 61 61 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 77 61 61 28 29 3f 5f 2e 66 61 2e 70 6c 61 74 66 6f 72 6d 3d Data Ascii: yaa=function(){return waa()?_.fa.platform==="macOS":_.ia("Macintosh")};_.zaa=function(){return waa()?_.fa.platform==="Linux":_.ia("Linux")};_.Aaa=function(){return waa()?_.fa.platform==="Windows":_.ia("Windows")};Baa=function(){return waa()?_.fa.platform=
2025-01-07 17:01:45 UTC	1390	IN	Data Raw: 5b 65 5d 2c 65 2c 61 29 29 72 65 74 75 72 6e 20 65 3b 72 65 74 75 72 6e 2d 31 7d 3b 5f 2e 45 61 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 72 65 74 75 72 6e 20 5f 2e 44 61 28 61 2c 62 29 3e 3d 30 7d 3b 5f 2e 46 61 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 5f 2e 45 61 28 61 2c 62 29 7c 7c 61 2e 70 75 73 68 28 62 29 7d 3b 5f 2e 48 61 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 62 3d 5f 2e 44 61 28 61 2c 62 29 3b 76 61 72 20 63 3b 28 63 3d 62 3e 3d 30 29 26 26 5f 2e 47 61 28 61 2c 62 29 3b 72 65 74 75 72 6e 20 63 7d 3b 5f 2e 47 61 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 72 65 74 75 72 6e 20 41 72 72 61 79 2e 70 72 6f 74 6f 74 79 70 65 2e 73 70 6c 69 63 65 2e 63 61 6c 6c 28 61 2c 62 2c 31 29 2e 6c 65 6e 67 74 68 3d 3d 31 7d 3b 0a 5f 2e 47 61 61 3d Data Ascii: [e],e,a))return e;return-1};_.Ea=function(a,b){return _.Da(a,b)>=0};_.Fa=function(a,b){_.Ea(a,b)\|\|a.push(b)};_.Ha=function(a,b){b=_.Da(a,b);var c;(c=b>=0)&&_.Ga(a,b);return c};_.Ga=function(a,b){return Array.prototype.splice.call(a,b,1).length==1};_.Gaa=
2025-01-07 17:01:45 UTC	1390	IN	Data Raw: 74 28 62 7c 7c 5f 2e 4c 61 61 29 7d 3b 5f 2e 51 61 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 2c 63 29 7b 69 66 28 21 5f 2e 4b 61 28 61 29 7c 7c 21 5f 2e 4b 61 28 62 29 7c 7c 61 2e 6c 65 6e 67 74 68 21 3d 62 2e 6c 65 6e 67 74 68 29 72 65 74 75 72 6e 21 31 3b 76 61 72 20 64 3d 61 2e 6c 65 6e 67 74 68 3b 63 3d 63 7c 7c 4e 61 61 3b 66 6f 72 28 76 61 72 20 65 3d 30 3b 65 3c 64 3b 65 2b 2b 29 69 66 28 21 63 28 61 5b 65 5d 2c 62 5b 65 5d 29 29 72 65 74 75 72 6e 21 31 3b 72 65 74 75 72 6e 21 30 7d 3b 5f 2e 4c 61 61 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 72 65 74 75 72 6e 20 61 3e 62 3f 31 3a 61 3c 62 3f 2d 31 3a 30 7d 3b 4e 61 61 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 72 65 74 75 72 6e 20 61 3d 3d 3d 62 7d 3b 0a 5f 2e 4f 61 61 3d 66 75 6e 63 74 69 6f 6e Data Ascii: t(b\|\|_.Laa)};_.Qa=function(a,b,c){if(!_.Ka(a)\|\|!_.Ka(b)\|\|a.length!=b.length)return!1;var d=a.length;c=c\|\|Naa;for(var e=0;e<d;e++)if(!c(a[e],b[e]))return!1;return!0};_.Laa=function(a,b){return a>b?1:a<b?-1:0};Naa=function(a,b){return a===b};_.Oaa=function
2025-01-07 17:01:45 UTC	1390	IN	Data Raw: 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 5a 61 61 26 26 61 21 3d 6e 75 6c 6c 26 26 61 20 69 6e 73 74 61 6e 63 65 6f 66 20 55 69 6e 74 38 41 72 72 61 79 7d 3b 0a 24 61 61 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 76 61 72 20 63 3d 61 2e 6c 65 6e 67 74 68 3b 69 66 28 63 21 3d 3d 62 2e 6c 65 6e 67 74 68 29 72 65 74 75 72 6e 21 31 3b 66 6f 72 28 76 61 72 20 64 3d 30 3b 64 3c 63 3b 64 2b 2b 29 69 66 28 61 5b 64 5d 21 3d 3d 62 5b 64 5d 29 72 65 74 75 72 6e 21 31 3b 72 65 74 75 72 6e 21 30 7d 3b 5f 2e 61 62 61 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 61 2e 6c 65 6e 67 74 68 3d 3d 30 3f 5f 2e 59 61 28 29 3a 6e 65 77 20 5f 2e 5a 61 28 61 2c 5f 2e 61 62 29 7d 3b 0a 63 62 61 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 69 66 28 74 79 70 65 Data Ascii: nction(a){return Zaa&&a!=null&&a instanceof Uint8Array};$aa=function(a,b){var c=a.length;if(c!==b.length)return!1;for(var d=0;d<c;d++)if(a[d]!==b[d])return!1;return!0};_.aba=function(a){return a.length==0?_.Ya():new _.Za(a,_.ab)};cba=function(a){if(type
2025-01-07 17:01:45 UTC	1390	IN	Data Raw: 4e 75 6d 62 65 72 2e 69 73 53 61 66 65 49 6e 74 65 67 65 72 28 62 29 29 74 68 72 6f 77 20 45 72 72 6f 72 28 53 74 72 69 6e 67 28 62 29 29 3b 72 65 74 75 72 6e 20 71 62 61 3f 42 69 67 49 6e 74 28 61 29 3a 61 3d 72 62 61 28 61 29 3f 61 3f 22 31 22 3a 22 30 22 3a 28 30 2c 5f 2e 6f 62 61 29 28 61 29 3f 61 2e 74 72 69 6d 28 29 7c 7c 22 30 22 3a 53 74 72 69 6e 67 28 61 29 7d 3b 73 62 61 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 69 66 28 61 2e 6c 65 6e 67 74 68 3e 62 2e 6c 65 6e 67 74 68 29 72 65 74 75 72 6e 21 31 3b 69 66 28 61 2e 6c 65 6e 67 74 68 3c 62 2e 6c 65 6e 67 74 68 7c 7c 61 3d 3d 3d 62 29 72 65 74 75 72 6e 21 30 3b 66 6f 72 28 76 61 72 20 63 3d 30 3b 63 3c 61 2e 6c 65 6e 67 74 68 3b 63 2b 2b 29 7b 76 61 72 20 64 3d 61 5b 63 5d 2c 65 3d 62 5b 63 5d Data Ascii: Number.isSafeInteger(b))throw Error(String(b));return qba?BigInt(a):a=rba(a)?a?"1":"0":(0,_.oba)(a)?a.trim()\|\|"0":String(a)};sba=function(a,b){if(a.length>b.length)return!1;if(a.length<b.length\|\|a===b)return!0;for(var c=0;c<a.length;c++){var d=a[c],e=b[c]

Timestamp	Bytes transferred	Direction	Data
2025-01-07 17:01:45 UTC	1468	OUT	POST /gen_204?s=webhp&t=cap&atyp=csi&ei=-F19Z6PLDqaV9u8Pra276A8&rt=wsrt.4402,cbt.91,hst.49&opi=89978449&dt=&ts=300 HTTP/1.1 Host: www.google.com Connection: keep-alive Content-Length: 0 sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.132" Content-Type: text/plain;charset=UTF-8 sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-prefers-color-scheme: light sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: / Origin: https://www.google.com X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiUocsBCJz+zAEIhaDNAQjcvc0BCJDKzQEIucrNAQii0c0BCIrTzQEIntbNAQin2M0BCPnA1BUY9snNARi60s0BGOuNpRc= Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: empty Referer: https://www.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: AEC=AZ6Zc-V3NDzY5GD-odoGC5HMfGXBe0BBilPReFewzLkpj5KY7t6I9Lcw0w; NID=520=dR0wKL5p6kLfAaRxqSJg0ZivkU7sgFycU7YRbaVrEsU6oGOCya0-3V2yRIiDcMcv2cVU78_-N-VbE8w_k4-eXmeIFKXUFsBQw70fjY4zx8waVpper0QPRWWXBV0SK9TRPbs-ftc-aeTmAb1QP-nr1-IcN30Mbz6z0UF1g49fa08RmFbe6GRQn7k9ZEYDpUPtq4NN8FsC
2025-01-07 17:01:45 UTC	715	IN	HTTP/1.1 204 No Content Content-Type: text/html; charset=UTF-8 Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-6m1B2_QUmkpQi9nXsVVeHA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws" Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]} Permissions-Policy: unload=() Date: Tue, 07 Jan 2025 17:01:45 GMT Server: gws Content-Length: 0 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close

Timestamp	Bytes transferred	Direction	Data
2025-01-07 17:01:46 UTC	2669	OUT	GET /async/hpba?yv=3&cs=0&ei=-F19Z6PLDqaV9u8Pra276A8&async=_basejs:/xjs/_/js/k%3Dxjs.hd.en_US.JtqAkOlSgkU.es5.O/am%3DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAACgAAAAAAQAAAAABAAAQAAAAAAEAQCCAAAgAAAAwAIAAAQDgAAAAAIAABAAwKNMARAgAgAAAAAgAIAAwgIAABAAAAAIAAAAAAAAKAAAAAAACAAAAAAAAAAAQIAAAAAAAAAAAAAAAQAA6AEAAAAAAAAABAQAAIaBAQgAAAAAAAD0AUDwAAwpLAAAAAAAAAAAAAAAAARIEMyFBAQEIAAAAAAAAAAAAAAAAACASBMXNg/dg%3D0/br%3D1/rs%3DACT90oFJmepxpvK-r3ZacUSshx6cEPuBSg,_basecss:/xjs/_/ss/k%3Dxjs.hd.5207TriCDrQ.L.B1.O/am%3DCEgVAAAAAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAICgOwEAwAAAdgECBAAAQABgAAAEAQiAAAAhAAEIwAoAAIAAoAQAgAMAAgAKAAAAgRVAAgjIAQAlAAk98wGAAgEACAAIAAaQQUMgKgChABAAAAAAAABAAAAAwBAAAgEAOgACwAAQCQCA6IEAAAAAAIIAADABAIaBAQgAAAAAAACQAQAAAAwpIAAAAAAAAAAAAAAAAABAEAwFABQEAAAAAAAAAAAAAAAAAACAQBME/br%3D1/rs%3DACT90oFXTAKT0iRxi7XVLRJKsE0D30pDHA,_basecomb:/xjs/_/js/k%3Dxjs.hd.en_US.JtqAkOlSgkU.es5.O/ck%3Dxjs.hd.5207TriCDrQ.L.B1.O/am%3DCEgVAAAAAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAICgOwEAwAQAdgECBAAAQABgAAAEAQiCAAAhAAEIwAoAAIQDo [TRUNCATED] Host: www.google.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.132" sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-prefers-color-scheme: light sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: / X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiUocsBCJz+zAEIhaDNAQjcvc0BCJDKzQEIucrNAQii0c0BCIrTzQEIntbNAQin2M0BCPnA1BUY9snNARi60s0BGOuNpRc= Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://www.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: AEC=AZ6Zc-V3NDzY5GD-odoGC5HMfGXBe0BBilPReFewzLkpj5KY7t6I9Lcw0w; NID=520=dR0wKL5p6kLfAaRxqSJg0ZivkU7sgFycU7YRbaVrEsU6oGOCya0-3V2yRIiDcMcv2cVU78_-N-VbE8w_k4-eXmeIFKXUFsBQw70fjY4zx8waVpper0QPRWWXBV0SK9TRPbs-ftc-aeTmAb1QP-nr1-IcN30Mbz6z0UF1g49fa08RmFbe6GRQn7k9ZEYDpUPtq4NN8FsC
2025-01-07 17:01:46 UTC	1012	IN	HTTP/1.1 200 OK Version: 705503573 X-Content-Type-Options: nosniff Content-Type: text/plain; charset=UTF-8 Content-Disposition: attachment; filename="f.txt" Strict-Transport-Security: max-age=31536000 Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws" Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/none"}]} Accept-CH: Sec-CH-Prefers-Color-Scheme Accept-CH: Sec-CH-UA-Form-Factors Accept-CH: Sec-CH-UA-Platform Accept-CH: Sec-CH-UA-Platform-Version Accept-CH: Sec-CH-UA-Full-Version Accept-CH: Sec-CH-UA-Arch Accept-CH: Sec-CH-UA-Model Accept-CH: Sec-CH-UA-Bitness Accept-CH: Sec-CH-UA-Full-Version-List Accept-CH: Sec-CH-UA-WoW64 Permissions-Policy: unload=() Date: Tue, 07 Jan 2025 17:01:46 GMT Server: gws X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Accept-Ranges: none Vary: Accept-Encoding Connection: close Transfer-Encoding: chunked
2025-01-07 17:01:46 UTC	48	IN	Data Raw: 32 61 0d 0a 29 5d 7d 27 0a 32 32 3b 5b 22 2d 6c 31 39 5a 36 5f 44 45 71 7a 71 37 5f 55 50 38 2d 75 64 67 41 30 22 2c 22 32 31 33 33 22 5d 0d 0a Data Ascii: 2a)]}'22;["-l19Z6_DEqzq7_UP8-udgA0","2133"]
2025-01-07 17:01:46 UTC	50	IN	Data Raw: 32 63 0d 0a 63 3b 5b 32 2c 6e 75 6c 6c 2c 22 30 22 5d 31 62 3b 3c 64 69 76 20 6a 73 6e 61 6d 65 3d 22 4e 6c 6c 30 6e 65 22 3e 3c 2f 64 69 76 3e 0d 0a Data Ascii: 2cc;[2,null,"0"]1b;<div jsname="Nll0ne"></div>
2025-01-07 17:01:46 UTC	22	IN	Data Raw: 31 30 0d 0a 63 3b 5b 39 2c 6e 75 6c 6c 2c 22 30 22 5d 30 3b 0d 0a Data Ascii: 10c;[9,null,"0"]0;
2025-01-07 17:01:46 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2025-01-07 17:01:46 UTC	1382	OUT	GET /images/searchbox/desktop_searchbox_sprites318_hr.webp HTTP/1.1 Host: www.google.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.132" sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-prefers-color-scheme: light sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiUocsBCJz+zAEIhaDNAQjcvc0BCJDKzQEIucrNAQii0c0BCIrTzQEIntbNAQin2M0BCPnA1BUY9snNARi60s0BGOuNpRc= Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: AEC=AZ6Zc-V3NDzY5GD-odoGC5HMfGXBe0BBilPReFewzLkpj5KY7t6I9Lcw0w; NID=520=dR0wKL5p6kLfAaRxqSJg0ZivkU7sgFycU7YRbaVrEsU6oGOCya0-3V2yRIiDcMcv2cVU78_-N-VbE8w_k4-eXmeIFKXUFsBQw70fjY4zx8waVpper0QPRWWXBV0SK9TRPbs-ftc-aeTmAb1QP-nr1-IcN30Mbz6z0UF1g49fa08RmFbe6GRQn7k9ZEYDpUPtq4NN8FsC
2025-01-07 17:01:46 UTC	671	IN	HTTP/1.1 200 OK Accept-Ranges: bytes Content-Type: image/webp Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable" Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} Content-Length: 660 Date: Tue, 07 Jan 2025 17:01:46 GMT Expires: Tue, 07 Jan 2025 17:01:46 GMT Cache-Control: private, max-age=31536000 Last-Modified: Wed, 22 Apr 2020 22:00:00 GMT X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2025-01-07 17:01:46 UTC	660	IN	Data Raw: 52 49 46 46 8c 02 00 00 57 45 42 50 56 50 38 4c 80 02 00 00 2f 27 c0 1e 10 d5 48 76 b6 3d 6e 95 fb bf 0a bb 07 b8 51 ea d8 9f 99 61 e5 e8 28 52 76 0c 6f ab da 55 98 1c c6 fe ea 8a 99 6c 18 b6 6d 1b a6 ff 1f dc da f4 06 30 6c db 36 6c ae ed 66 da 0c b1 ed 09 a4 90 41 3f 42 08 43 98 41 19 94 c1 32 68 06 9d 41 67 30 84 10 0e e1 47 38 07 6e 23 29 52 ba 6a f1 78 a0 e6 be 50 9e 46 e5 ce 49 3b cc 4f 78 a1 e7 c7 cf f5 1c 37 2d f7 c8 cf 62 58 9e 2f eb c0 5d c5 88 96 af 33 cb b8 1c 54 80 ab 93 e1 a2 35 b7 ba 01 78 ee ac da f6 47 2e 43 09 aa 19 e0 b7 25 e2 75 03 8e 19 f9 14 75 2f 97 5f b4 3d f0 b2 94 98 bc 10 3c 21 71 06 5c 86 f8 07 39 02 f7 de b2 c2 15 5c f7 a6 1a 07 70 3a 14 bc 50 f8 34 1f 61 53 00 4e 29 9c 3e b0 3e 18 ae 22 06 db 83 39 99 e0 56 68 20 a7 aa d0 80 Data Ascii: RIFFWEBPVP8L/'Hv=nQa(RvoUlm0l6lfA?BCA2hAg0G8n#)RjxPFI;Ox7-bX/]3T5xG.C%uu/_=<!q\9\p:P4aSN)>>"9Vh

Timestamp	Bytes transferred	Direction	Data
2025-01-07 17:01:47 UTC	1393	OUT	GET /complete/search?q&cp=0&client=gws-wiz&xssi=t&gs_pcrt=2&hl=en&authuser=0&psi=-F19Z6PLDqaV9u8Pra276A8.1736269306104&dpr=1&nolsbt=1 HTTP/1.1 Host: www.google.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.132" sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-prefers-color-scheme: light sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: / X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiUocsBCJz+zAEIhaDNAQjcvc0BCJDKzQEIucrNAQii0c0BCIrTzQEIntbNAQin2M0BCPnA1BUY9snNARi60s0BGOuNpRc= Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://www.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: AEC=AZ6Zc-V3NDzY5GD-odoGC5HMfGXBe0BBilPReFewzLkpj5KY7t6I9Lcw0w; NID=520=dR0wKL5p6kLfAaRxqSJg0ZivkU7sgFycU7YRbaVrEsU6oGOCya0-3V2yRIiDcMcv2cVU78_-N-VbE8w_k4-eXmeIFKXUFsBQw70fjY4zx8waVpper0QPRWWXBV0SK9TRPbs-ftc-aeTmAb1QP-nr1-IcN30Mbz6z0UF1g49fa08RmFbe6GRQn7k9ZEYDpUPtq4NN8FsC
2025-01-07 17:01:47 UTC	1305	IN	HTTP/1.1 200 OK X-Content-Type-Options: nosniff Date: Tue, 07 Jan 2025 17:01:47 GMT Expires: Tue, 07 Jan 2025 17:01:47 GMT Cache-Control: private, max-age=3600 Content-Type: application/json; charset=UTF-8 Strict-Transport-Security: max-age=31536000 Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-W_LUgawg4bnsb707BhUS0w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1 Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws" Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/cdt1"}]} Accept-CH: Sec-CH-Prefers-Color-Scheme Accept-CH: Sec-CH-UA-Form-Factors Accept-CH: Sec-CH-UA-Platform Accept-CH: Sec-CH-UA-Platform-Version Accept-CH: Sec-CH-UA-Full-Version Accept-CH: Sec-CH-UA-Arch Accept-CH: Sec-CH-UA-Model Accept-CH: Sec-CH-UA-Bitness Accept-CH: Sec-CH-UA-Full-Version-List Accept-CH: Sec-CH-UA-WoW64 Permissions-Policy: unload=() Content-Disposition: attachment; filename="f.txt" Server: gws X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Accept-Ranges: none Vary: Accept-Encoding Connection: close Transfer-Encoding: chunked
2025-01-07 17:01:47 UTC	85	IN	Data Raw: 33 39 64 0d 0a 29 5d 7d 27 0a 5b 5b 5b 22 73 6f 6e 79 20 61 6e 6e 6f 75 6e 63 65 73 20 68 65 6c 6c 64 69 76 65 72 73 20 6d 6f 76 69 65 22 2c 30 2c 5b 33 2c 33 36 32 2c 31 34 33 5d 2c 7b 22 7a 66 22 3a 33 33 2c 22 7a 6c 22 3a 38 2c 22 7a 70 22 3a 7b 22 67 Data Ascii: 39d)]}'[[["sony announces helldivers movie",0,[3,362,143],{"zf":33,"zl":8,"zp":{"g
2025-01-07 17:01:47 UTC	847	IN	Data Raw: 73 5f 73 73 22 3a 22 31 22 7d 7d 5d 2c 5b 22 6f 75 74 6c 61 6e 64 65 72 20 73 65 61 73 6f 6e 20 37 22 2c 30 2c 5b 33 2c 33 36 32 2c 31 34 33 5d 2c 7b 22 7a 66 22 3a 33 33 2c 22 7a 6c 22 3a 38 2c 22 7a 70 22 3a 7b 22 67 73 5f 73 73 22 3a 22 31 22 7d 7d 5d 2c 5b 22 63 6f 73 74 63 6f 20 72 65 63 61 6c 6c 73 20 66 6c 75 20 6d 65 64 69 63 61 74 69 6f 6e 22 2c 30 2c 5b 33 2c 33 36 32 2c 31 34 33 5d 2c 7b 22 7a 66 22 3a 33 33 2c 22 7a 6c 22 3a 38 2c 22 7a 70 22 3a 7b 22 67 73 5f 73 73 22 3a 22 31 22 7d 7d 5d 2c 5b 22 61 6d 61 72 69 20 6a 65 66 66 65 72 73 6f 6e 22 2c 30 2c 5b 33 2c 33 36 32 2c 31 34 33 5d 2c 7b 22 7a 66 22 3a 33 33 2c 22 7a 6c 22 3a 38 2c 22 7a 70 22 3a 7b 22 67 73 5f 73 73 22 3a 22 31 22 7d 7d 5d 2c 5b 22 66 6c 69 67 68 74 20 63 61 6e 63 65 6c Data Ascii: s_ss":"1"}}],["outlander season 7",0,[3,362,143],{"zf":33,"zl":8,"zp":{"gs_ss":"1"}}],["costco recalls flu medication",0,[3,362,143],{"zf":33,"zl":8,"zp":{"gs_ss":"1"}}],["amari jefferson",0,[3,362,143],{"zf":33,"zl":8,"zp":{"gs_ss":"1"}}],["flight cancel
2025-01-07 17:01:47 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2025-01-07 17:01:47 UTC	2071	OUT	GET /xjs/_/js/k=xjs.hd.en_US.JtqAkOlSgkU.es5.O/ck=xjs.hd.5207TriCDrQ.L.B1.O/am=CEgVAAAAAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAICgOwEAwAQAdgECBAAAQABgAAAEAQiCAAAhAAEIwAoAAIQDoAQAgAMAAhAKwKNMgRVgAgjIAQAlAIk98wOAAhEACAAIAAaQQUMgKgChABAACAAAAABAAAAAwJAAAgEAOgACwAAQCQCA6IEAAAAAAIIABDQBAIaBAQgAAAAAAAD0AUDwAAwpLAAAAAAAAAAAAAAAAARIEMyFBBQEIAAAAAAAAAAAAAAAAACASBMXNg/d=0/dg=0/br=1/ujg=1/rs=ACT90oGhZQchv7NFfF58ZHZUahMJRJArlg/m=NzU6V,syyx,sygo,zGLm3b,syvy,syvz,syvp,DhPYme,syy3,syxy,syy1,syy0,sywi,sywj,syxz,syxw,syxx,KHourd,MpJwZc,UUJqVe,sy7o,sOXFj,sy7n,s39S4,oGtAuc,NTMZac,nAFL3,sy81,sy80,q0xTif,y05UD,sy12k,sy192,sy18w,syx4,sy18p,syx3,syx2,syx1,sy18v,sy13u,sy18m,sy13y,sy18u,sy12g,sy18q,syh2,sy13z,sy18x,sy126,sy18t,sy18r,sy18s,sy18z,sy18h,sy18n,sy18g,sy18l,sy18i,sy18d,sy14u,sy141,sy142,syx9,syxa,epYOx?xjs=s3 HTTP/1.1 Host: www.google.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.132" sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-prefers-color-scheme: light sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: / X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiUocsBCJz+zAEIhaDNAQjcvc0BCJDKzQEIucrNAQii0c0BCIrTzQEIntbNAQin2M0BCPnA1BUY9snNARi60s0BGOuNpRc= Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: AEC=AZ6Zc-V3NDzY5GD-odoGC5HMfGXBe0BBilPReFewzLkpj5KY7t6I9Lcw0w; NID=520=dR0wKL5p6kLfAaRxqSJg0ZivkU7sgFycU7YRbaVrEsU6oGOCya0-3V2yRIiDcMcv2cVU78_-N-VbE8w_k4-eXmeIFKXUFsBQw70fjY4zx8waVpper0QPRWWXBV0SK9TRPbs-ftc-aeTmAb1QP-nr1-IcN30Mbz6z0UF1g49fa08RmFbe6GRQn7k9ZEYDpUPtq4NN8FsC
2025-01-07 17:01:47 UTC	818	IN	HTTP/1.1 200 OK Accept-Ranges: bytes Vary: Accept-Encoding, Origin Content-Type: text/javascript; charset=UTF-8 Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gws-team Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy: same-origin; report-to="gws-team" Report-To: {"group":"gws-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws-team"}]} Content-Length: 118852 Date: Tue, 07 Jan 2025 17:01:47 GMT Expires: Wed, 07 Jan 2026 17:01:47 GMT Cache-Control: public, immutable, max-age=31536000 Last-Modified: Tue, 17 Dec 2024 20:03:53 GMT X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2025-01-07 17:01:47 UTC	572	IN	Data Raw: 5f 46 5f 69 6e 73 74 61 6c 6c 43 73 73 28 22 63 2d 77 69 7a 7b 63 6f 6e 74 61 69 6e 3a 73 74 79 6c 65 7d 63 2d 77 69 7a 3e 63 2d 64 61 74 61 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 63 2d 77 69 7a 2e 72 45 54 53 44 7b 63 6f 6e 74 61 69 6e 3a 6e 6f 6e 65 7d 63 2d 77 69 7a 2e 55 62 69 38 5a 7b 63 6f 6e 74 61 69 6e 3a 6c 61 79 6f 75 74 20 73 74 79 6c 65 7d 2e 65 61 30 4c 62 65 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 32 34 70 78 3b 62 6f 78 2d 73 68 61 64 6f 77 3a 30 70 78 20 34 70 78 20 36 70 78 20 72 67 62 61 28 33 32 2c 33 33 2c 33 36 2c 30 2e 32 38 29 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f Data Ascii: _F_installCss("c-wiz{contain:style}c-wiz>c-data{display:none}c-wiz.rETSD{contain:none}c-wiz.Ubi8Z{contain:layout style}.ea0Lbe{background:#fff;border-radius:24px;box-shadow:0px 4px 6px rgba(32,33,36,0.28);margin-left:-4px;margin-top:0;position:absolute;to
2025-01-07 17:01:47 UTC	1390	IN	Data Raw: 34 70 78 3b 74 65 78 74 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 3b 6c 65 74 74 65 72 2d 73 70 61 63 69 6e 67 3a 2e 31 70 78 7d 2e 42 48 39 72 6e 7b 61 6c 69 67 6e 2d 69 74 65 6d 73 3a 63 65 6e 74 65 72 3b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 66 6c 65 78 3b 66 6c 65 78 2d 64 69 72 65 63 74 69 6f 6e 3a 72 6f 77 3b 66 6c 65 78 2d 67 72 6f 77 3a 31 3b 6a 75 73 74 69 66 79 2d 63 6f 6e 74 65 6e 74 3a 6e 6f 72 6d 61 6c 3b 70 61 64 64 69 6e 67 2d 74 6f 70 3a 31 36 70 78 7d 2e 67 49 59 4a 55 63 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 72 67 62 28 32 34 38 2c 32 34 39 2c 32 35 30 29 3b 62 6f 72 64 65 72 3a 31 70 78 20 64 61 73 68 65 64 20 23 63 30 63 30 63 30 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 38 70 78 3b 62 6f 78 2d 73 69 7a 69 6e 67 3a 62 6f 72 64 65 Data Ascii: 4px;text-align:center;letter-spacing:.1px}.BH9rn{align-items:center;display:inline-flex;flex-direction:row;flex-grow:1;justify-content:normal;padding-top:16px}.gIYJUc{background:rgb(248,249,250);border:1px dashed #c0c0c0;border-radius:8px;box-sizing:borde
2025-01-07 17:01:47 UTC	1390	IN	Data Raw: 78 7d 2e 44 56 37 74 68 65 7b 63 6f 6c 6f 72 3a 72 67 62 28 32 35 2c 31 30 33 2c 32 31 30 29 3b 63 75 72 73 6f 72 3a 70 6f 69 6e 74 65 72 3b 77 68 69 74 65 2d 73 70 61 63 65 3a 6e 6f 77 72 61 70 7d 2e 44 56 37 74 68 65 2e 52 69 45 43 66 66 3a 66 6f 63 75 73 7b 6f 75 74 6c 69 6e 65 3a 6e 6f 6e 65 7d 2e 44 56 37 74 68 65 3a 68 6f 76 65 72 2c 2e 44 56 37 74 68 65 3a 68 6f 76 65 72 7b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 75 6e 64 65 72 6c 69 6e 65 7d 2e 44 56 37 74 68 65 3a 66 6f 63 75 73 7b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 75 6e 64 65 72 6c 69 6e 65 7d 2e 41 72 49 41 58 62 7b 66 69 6c 6c 3a 72 67 62 28 32 34 31 2c 32 34 33 2c 32 34 34 29 7d 2e 71 4f 46 4c 73 62 7b 66 69 6c 6c 3a 72 67 62 28 32 31 38 2c 32 32 30 2c 32 32 34 29 7d 2e Data Ascii: x}.DV7the{color:rgb(25,103,210);cursor:pointer;white-space:nowrap}.DV7the.RiECff:focus{outline:none}.DV7the:hover,.DV7the:hover{text-decoration:underline}.DV7the:focus{text-decoration:underline}.ArIAXb{fill:rgb(241,243,244)}.qOFLsb{fill:rgb(218,220,224)}.
2025-01-07 17:01:47 UTC	1390	IN	Data Raw: 34 29 3b 63 6f 6c 6f 72 3a 72 67 62 28 32 36 2c 31 31 35 2c 32 33 32 29 3b 63 75 72 73 6f 72 3a 70 6f 69 6e 74 65 72 3b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 66 6c 65 78 3b 66 6c 65 78 2d 73 68 72 69 6e 6b 3a 30 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 5c 22 47 6f 6f 67 6c 65 20 53 61 6e 73 5c 22 2c 52 6f 62 6f 74 6f 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 3b 6a 75 73 74 69 66 79 2d 63 6f 6e 74 65 6e 74 3a 63 65 6e 74 65 72 3b 6c 65 74 74 65 72 2d 73 70 61 63 69 6e 67 3a 2e 32 35 70 78 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 38 70 78 3b 6f 75 74 6c 69 6e 65 3a 30 3b 70 61 64 64 69 6e 67 3a 38 70 78 20 32 34 70 78 7d 2e 51 77 62 64 33 3a 68 6f 76 65 72 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 72 67 62 Data Ascii: 4);color:rgb(26,115,232);cursor:pointer;display:inline-flex;flex-shrink:0;font-family:\"Google Sans\",Roboto,Arial,sans-serif;font-size:14px;justify-content:center;letter-spacing:.25px;margin-left:8px;outline:0;padding:8px 24px}.Qwbd3:hover{background:rgb
2025-01-07 17:01:47 UTC	1390	IN	Data Raw: 2c 5b 5d 29 3b 0a 7d 63 61 74 63 68 28 65 29 7b 5f 2e 5f 44 75 6d 70 45 78 63 65 70 74 69 6f 6e 28 65 29 7d 0a 74 72 79 7b 0a 5f 2e 56 4c 62 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 5f 2e 44 28 61 2c 33 34 29 7d 3b 5f 2e 57 4c 62 3d 21 21 28 5f 2e 49 68 5b 31 32 5d 3e 3e 32 35 26 31 29 3b 5f 2e 4d 76 3d 21 21 28 5f 2e 49 68 5b 31 32 5d 3e 3e 32 37 26 31 29 3b 5f 2e 4e 76 3d 21 21 28 5f 2e 49 68 5b 31 32 5d 3e 3e 32 38 26 31 29 3b 0a 7d 63 61 74 63 68 28 65 29 7b 5f 2e 5f 44 75 6d 70 45 78 63 65 70 74 69 6f 6e 28 65 29 7d 0a 74 72 79 7b 0a 5f 2e 79 28 22 7a 47 4c 6d 33 62 22 29 3b 0a 76 61 72 20 49 4e 63 3d 21 21 28 5f 2e 49 68 5b 31 31 5d 3e 3e 32 33 26 31 29 3b 76 61 72 20 4a 4e 63 3d 6e 65 77 20 5f 2e 45 6e 2c 4b 4e 63 3d 66 75 6e 63 Data Ascii: ,[]);}catch(e){_._DumpException(e)}try{_.VLb=function(a){return _.D(a,34)};_.WLb=!!(_.Ih[12]>>25&1);_.Mv=!!(_.Ih[12]>>27&1);_.Nv=!!(_.Ih[12]>>28&1);}catch(e){_._DumpException(e)}try{_.y("zGLm3b");var INc=!!(_.Ih[11]>>23&1);var JNc=new _.En,KNc=func
2025-01-07 17:01:47 UTC	1390	IN	Data Raw: 6d 61 74 63 68 4d 65 64 69 61 26 26 28 77 69 6e 64 6f 77 2e 6d 61 74 63 68 4d 65 64 69 61 28 22 28 70 72 65 66 65 72 73 2d 72 65 64 75 63 65 64 2d 6d 6f 74 69 6f 6e 29 22 29 2e 6d 61 74 63 68 65 73 7c 7c 77 69 6e 64 6f 77 2e 6d 61 74 63 68 4d 65 64 69 61 28 22 28 70 72 65 66 65 72 73 2d 72 65 64 75 63 65 64 2d 6d 6f 74 69 6f 6e 3a 20 72 65 64 75 63 65 29 22 29 2e 6d 61 74 63 68 65 73 29 3f 22 31 22 3a 22 30 22 3b 74 68 69 73 2e 6f 61 3d 61 2e 67 65 74 44 61 74 61 28 22 70 72 6d 22 29 2e 45 62 28 29 3f 22 31 22 3a 22 30 22 7d 3b 4d 4e 63 2e 70 72 6f 74 6f 74 79 70 65 2e 59 4f 62 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 5b 22 70 72 6d 32 33 22 2c 74 68 69 73 2e 6b 61 5d 7d 3b 4d 4e 63 2e 70 72 6f 74 6f 74 79 70 65 2e 65 54 62 3d 66 75 6e 63 74 Data Ascii: matchMedia&&(window.matchMedia("(prefers-reduced-motion)").matches\|\|window.matchMedia("(prefers-reduced-motion: reduce)").matches)?"1":"0";this.oa=a.getData("prm").Eb()?"1":"0"};MNc.prototype.YOb=function(){return["prm23",this.ka]};MNc.prototype.eTb=funct
2025-01-07 17:01:47 UTC	1390	IN	Data Raw: 28 61 2c 62 2c 63 2c 64 2c 65 29 7b 61 26 26 74 68 69 73 2e 6f 61 26 26 74 68 69 73 2e 51 61 2e 70 75 73 68 28 74 68 69 73 2e 6f 61 2e 6c 69 73 74 65 6e 28 61 2c 62 2c 63 2c 64 3d 3d 3d 76 6f 69 64 20 30 3f 21 31 3a 64 2c 65 29 29 7d 3b 5f 2e 51 73 63 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 2c 63 29 7b 61 2e 6f 61 26 26 61 2e 68 62 2e 70 75 73 68 28 50 73 63 28 62 2c 63 29 29 7d 3b 5f 2e 73 7a 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 2c 63 2c 64 2c 65 29 7b 65 3d 65 3d 3d 3d 76 6f 69 64 20 30 3f 21 31 3a 65 3b 69 66 28 61 2e 4d 61 5b 64 5d 29 7b 69 66 28 21 65 29 72 65 74 75 72 6e 3b 28 65 3d 61 2e 4d 61 5b 64 5d 29 26 26 5f 2e 63 61 2e 63 6c 65 61 72 54 69 6d 65 6f 75 74 28 65 29 7d 61 2e 4d 61 5b 64 5d 3d 50 73 63 28 62 2c 63 29 7d 3b 5f 2e 74 7a 3d 66 75 Data Ascii: (a,b,c,d,e){a&&this.oa&&this.Qa.push(this.oa.listen(a,b,c,d===void 0?!1:d,e))};_.Qsc=function(a,b,c){a.oa&&a.hb.push(Psc(b,c))};_.sz=function(a,b,c,d,e){e=e===void 0?!1:e;if(a.Ma[d]){if(!e)return;(e=a.Ma[d])&&_.ca.clearTimeout(e)}a.Ma[d]=Psc(b,c)};_.tz=fu
2025-01-07 17:01:47 UTC	1390	IN	Data Raw: 6c 6f 6e 65 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 6e 65 77 20 5f 2e 55 73 63 28 74 68 69 73 2e 6c 65 66 74 2c 74 68 69 73 2e 74 6f 70 2c 74 68 69 73 2e 77 69 64 74 68 2c 74 68 69 73 2e 68 65 69 67 68 74 29 7d 3b 5f 2e 57 73 63 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 61 2e 77 69 64 74 68 3d 3d 30 26 26 61 2e 68 65 69 67 68 74 3d 3d 30 7d 3b 0a 5f 2e 58 73 63 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 69 66 28 21 62 29 72 65 74 75 72 6e 21 31 3b 76 61 72 20 63 3d 4d 61 74 68 2e 6d 61 78 28 61 2e 6c 65 66 74 2c 62 2e 6c 65 66 74 29 2c 64 3d 4d 61 74 68 2e 6d 69 6e 28 61 2e 6c 65 66 74 2b 61 2e 77 69 64 74 68 2c 62 2e 6c 65 66 74 2b 62 2e 77 69 64 74 68 29 3b 72 65 74 75 72 6e 20 4d 61 74 68 2e 6d 61 78 28 61 2e 74 6f Data Ascii: lone=function(){return new _.Usc(this.left,this.top,this.width,this.height)};_.Wsc=function(a){return a.width==0&&a.height==0};_.Xsc=function(a,b){if(!b)return!1;var c=Math.max(a.left,b.left),d=Math.min(a.left+a.width,b.left+b.width);return Math.max(a.to
2025-01-07 17:01:47 UTC	1390	IN	Data Raw: 65 61 6b 7d 62 72 65 61 6b 3b 64 65 66 61 75 6c 74 3a 5f 2e 48 6d 28 61 2c 62 2c 63 2c 64 2c 65 29 7d 7d 3b 5f 2e 75 7a 2e 70 72 6f 74 6f 74 79 70 65 2e 4c 6c 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 74 68 69 73 2e 75 6e 6c 69 73 74 65 6e 28 61 2e 73 72 63 2c 61 2e 74 79 70 65 2c 61 2e 6c 69 73 74 65 6e 65 72 2c 61 2e 63 61 70 74 75 72 65 2c 61 2e 68 61 6e 64 6c 65 72 29 7d 3b 76 61 72 20 50 73 63 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 72 65 74 75 72 6e 20 62 3d 3d 3d 30 3f 28 5f 2e 63 61 2e 73 65 74 54 69 6d 65 6f 75 74 28 61 2c 30 29 2c 30 29 3a 5f 2e 63 61 2e 73 65 74 54 69 6d 65 6f 75 74 28 61 2c 62 29 7d 3b 0a 5f 2e 75 7a 2e 70 72 6f 74 6f 74 79 70 65 2e 56 66 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 68 69 73 2e 6c 69 73 74 65 6e 65 72 73 26 26 74 Data Ascii: eak}break;default:_.Hm(a,b,c,d,e)}};_.uz.prototype.Ll=function(a){this.unlisten(a.src,a.type,a.listener,a.capture,a.handler)};var Psc=function(a,b){return b===0?(_.ca.setTimeout(a,0),0):_.ca.setTimeout(a,b)};_.uz.prototype.Vf=function(){this.listeners&&t
2025-01-07 17:01:47 UTC	1390	IN	Data Raw: 6f 74 6f 74 79 70 65 2e 69 73 45 6d 70 74 79 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 6f 61 2e 6c 65 6e 67 74 68 2b 74 68 69 73 2e 42 61 3d 3d 30 7d 3b 0a 65 74 63 2e 70 72 6f 74 6f 74 79 70 65 2e 61 64 64 45 76 65 6e 74 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 76 61 72 20 62 3d 61 2e 77 61 28 74 68 69 73 2e 6f 61 29 3b 69 66 28 21 62 29 7b 66 6f 72 28 62 3d 74 68 69 73 2e 6f 61 2e 6c 65 6e 67 74 68 3b 62 3e 30 26 26 21 28 61 2e 6b 61 3e 3d 74 68 69 73 2e 6f 61 5b 62 2d 31 5d 2e 6b 61 29 3b 62 2d 2d 29 74 68 69 73 2e 6f 61 5b 62 5d 3d 74 68 69 73 2e 6f 61 5b 62 2d 31 5d 3b 74 68 69 73 2e 6f 61 5b 62 5d 3d 61 3b 62 3d 62 3d 3d 30 7c 7c 62 3c 74 68 69 73 2e 6f 61 2e 6c 65 6e 67 74 68 2d 31 7d 69 66 28 62 7c 7c 21 74 68 69 73 2e Data Ascii: ototype.isEmpty=function(){return this.oa.length+this.Ba==0};etc.prototype.addEvent=function(a){var b=a.wa(this.oa);if(!b){for(b=this.oa.length;b>0&&!(a.ka>=this.oa[b-1].ka);b--)this.oa[b]=this.oa[b-1];this.oa[b]=a;b=b==0\|\|b<this.oa.length-1}if(b\|\|!this.

Timestamp	Bytes transferred	Direction	Data
2025-01-07 17:01:47 UTC	1635	OUT	GET /xjs/_/js/md=2/k=xjs.hd.en_US.JtqAkOlSgkU.es5.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAACgAAAAAAQAAAAABAAAQAAAAAAEAQiCAAAgAAAAwAIAAAQDgAAAAAIAABAAwKNMARAgAgAAAAAgAIAAwgIAABAAAAAIAAAAAAAAKAAAAAAACAAAAAAAAAAAQIAAAAAAAAAAAAAAAQAA6AEAAAAAAAAABAQAAIaBAQgAAAAAAAD0AUDwAAwpLAAAAAAAAAAAAAAAAARIEMyFBBQEIAAAAAAAAAAAAAAAAACASBMXNg/rs=ACT90oHeywv9r6nrNzHuDsA-SeQ0P55qWw HTTP/1.1 Host: www.google.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.132" sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-prefers-color-scheme: light sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: / X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiUocsBCJz+zAEIhaDNAQjcvc0BCJDKzQEIucrNAQii0c0BCIrTzQEIntbNAQin2M0BCPnA1BUY9snNARi60s0BGOuNpRc= Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://www.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: AEC=AZ6Zc-V3NDzY5GD-odoGC5HMfGXBe0BBilPReFewzLkpj5KY7t6I9Lcw0w; NID=520=dR0wKL5p6kLfAaRxqSJg0ZivkU7sgFycU7YRbaVrEsU6oGOCya0-3V2yRIiDcMcv2cVU78_-N-VbE8w_k4-eXmeIFKXUFsBQw70fjY4zx8waVpper0QPRWWXBV0SK9TRPbs-ftc-aeTmAb1QP-nr1-IcN30Mbz6z0UF1g49fa08RmFbe6GRQn7k9ZEYDpUPtq4NN8FsC
2025-01-07 17:01:47 UTC	828	IN	HTTP/1.1 200 OK Accept-Ranges: bytes Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gws-team Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy: same-origin; report-to="gws-team" Report-To: {"group":"gws-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws-team"}]} Content-Length: 9392 X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Date: Tue, 07 Jan 2025 10:29:04 GMT Expires: Wed, 07 Jan 2026 10:29:04 GMT Cache-Control: public, immutable, max-age=31536000 Last-Modified: Mon, 06 Jan 2025 20:14:51 GMT Content-Type: text/javascript; charset=UTF-8 Vary: Accept-Encoding, Origin Age: 23563 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2025-01-07 17:01:47 UTC	562	IN	Data Raw: 7b 22 63 68 75 6e 6b 54 79 70 65 73 22 3a 22 33 30 30 31 31 31 31 31 31 31 31 31 30 30 31 31 31 30 30 30 31 31 31 31 31 31 31 30 30 31 31 31 31 30 30 30 31 30 30 30 30 31 30 31 31 30 31 30 30 31 31 31 31 31 31 31 31 31 31 31 31 31 31 30 30 31 31 31 31 31 31 31 31 31 30 31 31 31 30 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 30 31 30 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 Data Ascii: {"chunkTypes":"300111111111001110001111111001111000100001011010011111111111111001111111110111011111111111111111111101011111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111
2025-01-07 17:01:47 UTC	1390	IN	Data Raw: 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 32 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 32 32 31 32 32 32 32 32 32 32 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 32 32 31 32 31 32 31 32 31 32 31 32 31 32 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 31 31 32 31 32 32 32 31 32 31 32 31 32 31 32 31 32 31 32 31 Data Ascii: 121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121212121222121212121212121222122222222121212121212121212221212121212122121212121212121212121212111212221212121212121
2025-01-07 17:01:47 UTC	1390	IN	Data Raw: 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 Data Ascii: 111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111
2025-01-07 17:01:47 UTC	1390	IN	Data Raw: 31 31 31 31 31 32 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 33 31 31 31 32 31 33 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 33 31 31 31 31 31 31 31 31 33 31 31 31 31 31 31 33 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 30 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 33 31 31 31 31 31 31 31 31 31 32 31 33 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 32 31 31 31 31 31 31 31 31 32 31 33 31 33 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 33 31 31 30 31 31 31 31 31 31 30 31 30 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 Data Ascii: 111112111111111111111111113111213111111111111111111111111111111111111111113111111113111111311111111111111111111111111101111111111111111111111111111111113111111111213111111111111111111111211111111213131111111111111113110111111010111111111111111111111111111
2025-01-07 17:01:47 UTC	1390	IN	Data Raw: 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 Data Ascii: 111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111
2025-01-07 17:01:47 UTC	1390	IN	Data Raw: 31 32 31 32 31 32 31 32 31 32 31 32 31 32 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 31 32 31 32 31 32 31 32 32 31 32 32 31 32 31 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 31 32 31 31 32 31 32 31 31 32 31 32 31 32 31 31 32 31 32 31 32 31 32 31 32 31 31 31 31 31 32 31 31 32 31 32 31 32 31 32 31 32 31 31 32 31 32 31 31 32 31 33 33 31 31 31 31 31 31 31 31 31 33 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 32 31 33 31 31 31 31 31 31 31 32 31 31 32 31 32 31 32 31 32 31 32 31 32 31 31 32 31 32 31 32 31 31 32 31 32 Data Ascii: 121212121212122121212121212121212121212121212121212121212121212121212112121212212212112121212121212121212121121121211212121121212121211111211212121212112121121331111111113212121212121212121212121212121212121212121212121213111111121121212121212112121211212
2025-01-07 17:01:47 UTC	1390	IN	Data Raw: 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 33 31 31 31 31 31 33 31 31 31 31 31 31 31 32 31 32 31 31 32 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 32 31 32 31 32 31 31 31 31 31 33 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 33 33 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 33 31 33 33 31 33 31 31 33 31 31 31 33 33 31 31 31 31 31 31 31 31 33 33 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 33 33 33 33 31 31 31 31 31 31 31 31 31 Data Ascii: 111111111111111111111111111111111111111111111111111111111111111111111111111131111131111111212112111111111111111111111111111111111111111212121111131111111111111113311111111111111111111111111111111111313313113111331111111133111111111111111111113333111111111
2025-01-07 17:01:47 UTC	490	IN	Data Raw: 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 31 32 32 32 32 32 32 32 32 32 32 32 31 31 33 31 31 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 31 31 33 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 32 33 31 31 31 31 33 31 31 31 32 32 32 32 32 32 32 32 32 32 33 31 31 31 31 31 31 32 32 32 32 33 31 30 30 30 30 32 30 32 30 30 30 30 30 30 30 30 30 30 32 30 30 30 30 30 30 30 30 30 30 30 30 31 33 31 31 32 32 32 31 32 32 32 32 32 32 31 31 32 31 31 31 31 31 31 31 31 31 31 31 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 31 33 31 31 31 31 31 31 33 33 31 31 31 32 32 32 33 32 30 30 30 30 30 30 Data Ascii: 000000000000000122222222222113110000000000000000000000011311111111111111112311113111222222222231111112222310000202000000000020000000000001311222122222211211111111111000000000000000000000000000000000000000000000000000111111111111111131111113311122232000000

Timestamp	Bytes transferred	Direction	Data
2025-01-07 17:01:47 UTC	1538	OUT	GET /gen_204?s=async&astyp=hpba&atyp=csi&ei=-l19Z6_DEqzq7_UP8-udgA0&rt=ipf.0,ipfr.1062,ttfb.1062,st.1063,acrt.1065,ipfrl.1065,aaft.1065,art.1065,ns.-5427&ns=1736269299478&twt=2.400000000023283&mwt=2.400000000023283 HTTP/1.1 Host: www.google.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.132" sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-prefers-color-scheme: light sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiUocsBCJz+zAEIhaDNAQjcvc0BCJDKzQEIucrNAQii0c0BCIrTzQEIntbNAQin2M0BCPnA1BUY9snNARi60s0BGOuNpRc= Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: AEC=AZ6Zc-V3NDzY5GD-odoGC5HMfGXBe0BBilPReFewzLkpj5KY7t6I9Lcw0w; NID=520=dR0wKL5p6kLfAaRxqSJg0ZivkU7sgFycU7YRbaVrEsU6oGOCya0-3V2yRIiDcMcv2cVU78_-N-VbE8w_k4-eXmeIFKXUFsBQw70fjY4zx8waVpper0QPRWWXBV0SK9TRPbs-ftc-aeTmAb1QP-nr1-IcN30Mbz6z0UF1g49fa08RmFbe6GRQn7k9ZEYDpUPtq4NN8FsC
2025-01-07 17:01:47 UTC	715	IN	HTTP/1.1 204 No Content Content-Type: text/html; charset=UTF-8 Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-LXCIQzR2nJ1YL05_YhpH-A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws" Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]} Permissions-Policy: unload=() Date: Tue, 07 Jan 2025 17:01:47 GMT Server: gws Content-Length: 0 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close

Timestamp	Bytes transferred	Direction	Data
2025-01-07 17:01:47 UTC	2788	OUT	GET /xjs/_/js/k=xjs.hd.en_US.JtqAkOlSgkU.es5.O/ck=xjs.hd.5207TriCDrQ.L.B1.O/am=CEgVAAAAAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAICgOwEAwAQAdgECBAAAQABgAAAEAQiCAAAhAAEIwAoAAIQDoAQAgAMAAhAKwKNMgRVgAgjIAQAlAIk98wOAAhEACAAIAAaQQUMgKgChABAACAAAAABAAAAAwJAAAgEAOgACwAAQCQCA6IEAAAAAAIIABDQBAIaBAQgAAAAAAAD0AUDwAAwpLAAAAAAAAAAAAAAAAARIEMyFBBQEIAAAAAAAAAAAAAAAAACASBMXNg/d=0/dg=0/br=1/ujg=1/rs=ACT90oGhZQchv7NFfF58ZHZUahMJRJArlg/m=sb_wiz,aa,abd,sy17o,syfz,syfr,syfp,syfq,syfs,syg0,syg1,syfw,syfv,syfu,syep,syft,syfj,syfi,syfk,syfh,syfm,sy16j,sygb,sy17m,syyl,syga,syg9,syg8,async,ifl,pHXghd,sf,syig,sy3kp,sonic,sy3kv,syhl,syh1,sy3k7,sy3ka,sy277,sye3,sy9u,sy9f,sy9e,sy9c,spch,syti,syth,rtH1bd,sy19k,sy15l,sy151,sy12b,sydb,sy19i,SMquOb,sy7k,sy7j,syf3,syfe,syfc,syfb,syf2,syf0,syey,sy86,sy83,sy85,syex,syf1,syew,sybg,syb9,sybc,syaj,syap,syai,syah,syag,sya4,syba,syax,syay,syb4,syan,syb3,syaw,syat,syae,syal,syaz,sya6,sya8,sya9,sya5,syao,syad,syaa,sybj,sya0,sy9x,sybi,sy9p,sy9h,sy9k,sy9w,sya3,syb0,syev,syeu,syer,syeq,sy89,uxMpU,syem,sybq [TRUNCATED] Host: www.google.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.132" sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-prefers-color-scheme: light sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: / X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiUocsBCJz+zAEIhaDNAQjcvc0BCJDKzQEIucrNAQii0c0BCIrTzQEIntbNAQin2M0BCPnA1BUY9snNARi60s0BGOuNpRc= Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: AEC=AZ6Zc-V3NDzY5GD-odoGC5HMfGXBe0BBilPReFewzLkpj5KY7t6I9Lcw0w; NID=520=dR0wKL5p6kLfAaRxqSJg0ZivkU7sgFycU7YRbaVrEsU6oGOCya0-3V2yRIiDcMcv2cVU78_-N-VbE8w_k4-eXmeIFKXUFsBQw70fjY4zx8waVpper0QPRWWXBV0SK9TRPbs-ftc-aeTmAb1QP-nr1-IcN30Mbz6z0UF1g49fa08RmFbe6GRQn7k9ZEYDpUPtq4NN8FsC
2025-01-07 17:01:47 UTC	818	IN	HTTP/1.1 200 OK Accept-Ranges: bytes Vary: Accept-Encoding, Origin Content-Type: text/javascript; charset=UTF-8 Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gws-team Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy: same-origin; report-to="gws-team" Report-To: {"group":"gws-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws-team"}]} Content-Length: 380604 Date: Tue, 07 Jan 2025 17:01:47 GMT Expires: Wed, 07 Jan 2026 17:01:47 GMT Cache-Control: public, immutable, max-age=31536000 Last-Modified: Tue, 17 Dec 2024 20:03:53 GMT X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2025-01-07 17:01:47 UTC	572	IN	Data Raw: 74 68 69 73 2e 5f 68 64 3d 74 68 69 73 2e 5f 68 64 7c 7c 7b 7d 3b 28 66 75 6e 63 74 69 6f 6e 28 5f 29 7b 76 61 72 20 77 69 6e 64 6f 77 3d 74 68 69 73 3b 0a 74 72 79 7b 0a 5f 2e 79 28 22 73 62 5f 77 69 7a 22 29 3b 0a 0a 5f 2e 7a 28 29 3b 0a 7d 63 61 74 63 68 28 65 29 7b 5f 2e 5f 44 75 6d 70 45 78 63 65 70 74 69 6f 6e 28 65 29 7d 0a 74 72 79 7b 0a 5f 2e 79 28 22 61 61 22 29 3b 0a 0a 5f 2e 7a 28 29 3b 0a 7d 63 61 74 63 68 28 65 29 7b 5f 2e 5f 44 75 6d 70 45 78 63 65 70 74 69 6f 6e 28 65 29 7d 0a 74 72 79 7b 0a 5f 2e 79 28 22 61 62 64 22 29 3b 0a 76 61 72 20 57 66 69 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 66 6f 72 28 76 61 72 20 62 3d 22 22 2c 63 3d 32 31 2c 64 3d 30 3b 64 3c 61 2e 6c 65 6e 67 74 68 3b 64 2b 2b 29 64 25 34 21 3d 33 26 26 28 62 2b 3d 53 74 72 Data Ascii: this._hd=this._hd\|\|{};(function(_){var window=this;try{_.y("sb_wiz");_.z();}catch(e){_._DumpException(e)}try{_.y("aa");_.z();}catch(e){_._DumpException(e)}try{_.y("abd");var Wfi=function(a){for(var b="",c=21,d=0;d<a.length;d++)d%4!=3&&(b+=Str
2025-01-07 17:01:47 UTC	1390	IN	Data Raw: 22 3a 22 30 22 29 29 3b 72 65 74 75 72 6e 20 62 2e 6a 6f 69 6e 28 22 2c 22 29 7d 2c 65 67 69 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 61 3d 53 74 72 69 6e 67 28 61 29 3b 62 26 26 28 61 2b 3d 22 2c 22 2b 62 29 3b 67 6f 6f 67 6c 65 2e 6c 6f 67 28 64 67 69 2c 61 29 7d 2c 66 67 69 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 2c 63 29 7b 63 3d 0a 63 3d 3d 3d 76 6f 69 64 20 30 3f 32 3a 63 3b 69 66 28 63 3c 31 29 65 67 69 28 37 2c 62 29 3b 65 6c 73 65 7b 76 61 72 20 64 3d 6e 65 77 20 49 6d 61 67 65 3b 64 2e 6f 6e 65 72 72 6f 72 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 66 67 69 28 61 2c 62 2c 63 2d 31 29 7d 3b 64 2e 73 72 63 3d 61 7d 7d 2c 5a 66 69 3d 57 66 69 28 5b 39 37 2c 31 31 39 2c 31 31 35 2c 31 31 31 2c 31 30 37 5d 29 2c 61 67 69 3d 57 66 69 28 5b 39 37 2c 31 31 Data Ascii: ":"0"));return b.join(",")},egi=function(a,b){a=String(a);b&&(a+=","+b);google.log(dgi,a)},fgi=function(a,b,c){c=c===void 0?2:c;if(c<1)egi(7,b);else{var d=new Image;d.onerror=function(){fgi(a,b,c-1)};d.src=a}},Zfi=Wfi([97,119,115,111,107]),agi=Wfi([97,11
2025-01-07 17:01:47 UTC	1390	IN	Data Raw: 64 61 74 61 3a 22 29 29 7b 76 61 72 20 63 3d 66 49 62 28 61 2e 73 72 63 2c 30 2c 62 2c 61 2e 70 61 72 65 6e 74 45 6c 65 6d 65 6e 74 26 26 61 2e 70 61 72 65 6e 74 45 6c 65 6d 65 6e 74 2e 63 6c 69 65 6e 74 57 69 64 74 68 7c 7c 30 29 3b 61 2e 73 72 63 21 3d 3d 63 2e 73 72 63 26 26 28 61 2e 6f 6e 6c 6f 61 64 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 61 2e 77 69 64 74 68 3d 63 2e 77 69 64 74 68 3b 61 2e 6f 6e 6c 6f 61 64 3d 6e 75 6c 6c 7d 2c 61 2e 73 72 63 3d 63 2e 73 72 63 2c 61 2e 63 6f 6d 70 6c 65 74 65 26 26 28 61 2e 77 69 64 74 68 3d 63 2e 77 69 64 74 68 29 29 7d 7d 3b 69 49 62 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 61 3d 3d 3d 22 30 22 3f 22 22 3a 61 2b 22 70 78 22 7d 3b 6a 49 62 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 Data Ascii: data:")){var c=fIb(a.src,0,b,a.parentElement&&a.parentElement.clientWidth\|\|0);a.src!==c.src&&(a.onload=function(){a.width=c.width;a.onload=null},a.src=c.src,a.complete&&(a.width=c.width))}};iIb=function(a){return a==="0"?"":a+"px"};jIb=function(a){return
2025-01-07 17:01:47 UTC	1390	IN	Data Raw: 5f 2e 4b 48 62 3d 77 69 6e 64 6f 77 2e 67 6f 6f 67 6c 65 26 26 77 69 6e 64 6f 77 2e 67 6f 6f 67 6c 65 2e 65 72 64 26 26 77 69 6e 64 6f 77 2e 67 6f 6f 67 6c 65 2e 65 72 64 2e 62 76 7c 7c 22 22 3b 5f 2e 4c 48 62 3d 6e 65 77 20 4d 61 70 3b 5f 2e 67 70 61 28 22 73 6b 65 77 22 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 66 6f 72 28 76 61 72 20 61 3d 22 22 2c 62 3d 21 30 2c 63 3d 5f 2e 67 62 28 5f 2e 4c 48 62 2e 65 6e 74 72 69 65 73 28 29 29 2c 64 3d 63 2e 6e 65 78 74 28 29 3b 21 64 2e 64 6f 6e 65 3b 64 3d 63 2e 6e 65 78 74 28 29 29 7b 76 61 72 20 65 3d 5f 2e 67 62 28 64 2e 76 61 6c 75 65 29 3b 64 3d 65 2e 6e 65 78 74 28 29 2e 76 61 6c 75 65 3b 65 3d 65 2e 6e 65 78 74 28 29 2e 76 61 6c 75 65 3b 61 2b 3d 28 62 3f 22 22 3a 22 2c 22 29 2b 64 2b 22 2e 22 2b 65 3b 62 3d 21 Data Ascii: _.KHb=window.google&&window.google.erd&&window.google.erd.bv\|\|"";_.LHb=new Map;_.gpa("skew",function(){for(var a="",b=!0,c=_.gb(_.LHb.entries()),d=c.next();!d.done;d=c.next()){var e=_.gb(d.value);d=e.next().value;e=e.next().value;a+=(b?"":",")+d+"."+e;b=!
2025-01-07 17:01:47 UTC	1390	IN	Data Raw: 61 2e 6b 61 29 2c 64 3d 63 2e 6e 65 78 74 28 29 3b 21 64 2e 64 6f 6e 65 3b 64 3d 63 2e 6e 65 78 74 28 29 29 7b 76 61 72 20 65 3d 64 2e 76 61 6c 75 65 3b 64 3d 65 2e 72 65 73 6f 6c 76 65 3b 65 3d 65 2e 72 65 6a 65 63 74 3b 62 3f 65 28 62 29 3a 64 28 7b 76 61 6c 75 65 3a 76 6f 69 64 20 30 2c 64 6f 6e 65 3a 21 30 7d 29 7d 61 2e 6b 61 2e 6c 65 6e 67 74 68 3d 30 7d 7d 3b 5f 2e 77 76 2e 70 72 6f 74 6f 74 79 70 65 2e 6e 65 78 74 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 61 3d 74 68 69 73 3b 69 66 28 74 68 69 73 2e 6f 61 2e 6c 65 6e 67 74 68 29 7b 76 61 72 20 62 3d 74 68 69 73 2e 6f 61 2e 73 68 69 66 74 28 29 3b 72 65 74 75 72 6e 20 50 72 6f 6d 69 73 65 2e 72 65 73 6f 6c 76 65 28 7b 76 61 6c 75 65 3a 62 2c 64 6f 6e 65 3a 21 31 7d 29 7d 72 65 74 75 72 6e 20 Data Ascii: a.ka),d=c.next();!d.done;d=c.next()){var e=d.value;d=e.resolve;e=e.reject;b?e(b):d({value:void 0,done:!0})}a.ka.length=0}};_.wv.prototype.next=function(){var a=this;if(this.oa.length){var b=this.oa.shift();return Promise.resolve({value:b,done:!1})}return
2025-01-07 17:01:47 UTC	1390	IN	Data Raw: 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 5f 2e 5a 69 28 74 68 69 73 2c 31 29 7d 3b 5f 2e 59 48 62 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 74 68 69 73 2e 45 61 3d 5f 2e 6e 28 61 29 7d 3b 5f 2e 47 28 5f 2e 59 48 62 2c 5f 2e 72 29 3b 76 61 72 20 5a 48 62 3d 5f 2e 73 63 28 5f 2e 59 48 62 29 3b 76 61 72 20 24 48 62 2c 61 49 62 3b 5f 2e 4f 48 62 3d 5f 2e 43 65 28 5f 2e 63 61 2e 6b 61 3f 22 6e 22 3a 22 73 22 2c 5f 2e 46 4d 61 29 3b 24 48 62 3d 6e 65 77 20 4d 61 70 3b 61 49 62 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 74 68 69 73 2e 6b 61 3d 6e 75 6c 6c 3b 74 68 69 73 2e 6f 61 3d 61 2b 22 5f 5f 68 22 3b 74 68 69 73 2e 77 61 3d 61 2b 22 5f 5f 72 22 3b 74 68 69 73 2e 70 72 69 6f 72 69 74 79 3d 62 26 26 62 2e 70 72 69 6f 72 69 74 79 7d 3b 5f 2e 62 Data Ascii: =function(){return _.Zi(this,1)};_.YHb=function(a){this.Ea=_.n(a)};_.G(_.YHb,_.r);var ZHb=_.sc(_.YHb);var $Hb,aIb;_.OHb=_.Ce(_.ca.ka?"n":"s",_.FMa);$Hb=new Map;aIb=function(a,b){this.ka=null;this.oa=a+"__h";this.wa=a+"__r";this.priority=b&&b.priority};_.b
2025-01-07 17:01:47 UTC	1390	IN	Data Raw: 2e 22 2c 22 5f 22 29 2e 72 65 70 6c 61 63 65 41 6c 6c 28 22 2d 22 2c 22 5f 22 29 3b 61 3d 5f 2e 71 66 28 61 29 3b 72 65 74 75 72 6e 20 6e 65 77 20 5f 2e 72 4e 61 28 61 29 7d 3b 0a 7d 63 61 74 63 68 28 65 29 7b 5f 2e 5f 44 75 6d 70 45 78 63 65 70 74 69 6f 6e 28 65 29 7d 0a 74 72 79 7b 0a 5f 2e 76 48 62 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 61 3d 6e 65 77 20 4d 61 70 2c 62 3d 5f 2e 62 64 28 22 65 6a 4d 4c 43 64 22 29 3b 62 2e 45 62 28 29 26 26 61 2e 73 65 74 28 22 58 2d 47 65 6f 22 2c 5f 2e 57 6b 28 62 29 29 3b 62 3d 5f 2e 62 64 28 22 50 59 46 75 44 63 22 29 3b 62 2e 45 62 28 29 26 26 61 2e 73 65 74 28 22 58 2d 43 6c 69 65 6e 74 2d 44 61 74 61 22 2c 5f 2e 57 6b 28 62 29 29 3b 62 3d 5f 2e 62 64 28 22 4a 48 48 4b 75 62 22 29 3b 62 2e 45 62 28 29 26 Data Ascii: .","_").replaceAll("-","_");a=_.qf(a);return new _.rNa(a)};}catch(e){_._DumpException(e)}try{_.vHb=function(){var a=new Map,b=_.bd("ejMLCd");b.Eb()&&a.set("X-Geo",_.Wk(b));b=_.bd("PYFuDc");b.Eb()&&a.set("X-Client-Data",_.Wk(b));b=_.bd("JHHKub");b.Eb()&
2025-01-07 17:01:47 UTC	1390	IN	Data Raw: 3d 62 2e 74 6f 53 74 72 69 6e 67 28 29 3b 28 65 3d 5f 2e 77 48 62 28 65 29 29 26 26 28 61 3d 61 2b 22 26 61 73 79 6e 63 3d 22 2b 65 29 3b 72 65 74 75 72 6e 20 61 7d 3b 5f 2e 7a 48 62 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 69 66 28 62 3d 3d 3d 22 22 29 61 3d 22 2f 61 73 79 6e 63 2f 22 2b 61 3b 65 6c 73 65 20 69 66 28 62 3d 3d 3d 22 66 65 65 64 5f 61 70 69 22 29 61 3d 22 2f 66 65 65 64 2d 61 70 69 2f 61 73 79 6e 63 2f 22 2b 61 3b 65 6c 73 65 20 69 66 28 62 3d 3d 3d 22 73 65 61 72 63 68 22 29 61 3d 22 2f 22 2b 62 3b 65 6c 73 65 20 74 68 72 6f 77 20 45 72 72 6f 72 28 22 45 66 60 22 2b 62 29 3b 69 66 28 21 79 48 62 2e 74 65 73 74 28 61 29 29 74 68 72 6f 77 20 45 72 72 6f 72 28 22 46 66 60 22 2b 61 29 3b 72 65 74 75 72 6e 20 61 7d 3b 0a 5f 2e 42 48 62 3d Data Ascii: =b.toString();(e=_.wHb(e))&&(a=a+"&async="+e);return a};_.zHb=function(a,b){if(b==="")a="/async/"+a;else if(b==="feed_api")a="/feed-api/async/"+a;else if(b==="search")a="/"+b;else throw Error("Ef`"+b);if(!yHb.test(a))throw Error("Ff`"+a);return a};_.BHb=
2025-01-07 17:01:47 UTC	1390	IN	Data Raw: 3d 2f 5e 5b 61 2d 7a 30 2d 39 2d 5f 2f 5d 2b 28 63 61 6c 6c 62 61 63 6b 3a 5c 64 2b 29 3f 24 2f 69 3b 5f 2e 44 48 62 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 7d 3b 5f 2e 45 48 62 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 7d 3b 46 48 62 3d 5f 2e 55 43 61 3b 0a 7d 63 61 74 63 68 28 65 29 7b 5f 2e 5f 44 75 6d 70 45 78 63 65 70 74 69 6f 6e 28 65 29 7d 0a 74 72 79 7b 0a 5f 2e 6e 48 62 3d 5f 2e 4b 28 22 7a 62 57 32 43 66 22 29 3b 5f 2e 6f 48 62 3d 5f 2e 4b 28 22 4f 5a 33 4d 37 65 22 29 3b 0a 7d 63 61 74 63 68 28 65 29 7b 5f 2e 5f 44 75 6d 70 45 78 63 65 70 74 69 6f 6e 28 65 29 7d 0a 74 72 79 7b 0a 5f 2e 6d 48 62 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 2c 63 2c 64 29 7b 63 3d 63 3d 3d 3d 76 6f 69 64 20 30 3f 7b 7d 3a 63 3b 5f 2e 49 49 61 2e 63 61 6c 6c 28 74 68 69 73 2c 61 Data Ascii: =/^[a-z0-9-_/]+(callback:\d+)?$/i;_.DHb=function(){};_.EHb=function(){};FHb=_.UCa;}catch(e){_._DumpException(e)}try{_.nHb=_.K("zbW2Cf");_.oHb=_.K("OZ3M7e");}catch(e){_._DumpException(e)}try{_.mHb=function(a,b,c,d){c=c===void 0?{}:c;_.IIa.call(this,a
2025-01-07 17:01:47 UTC	1390	IN	Data Raw: 20 62 3b 7d 72 65 74 75 72 6e 20 64 65 63 6f 64 65 55 52 49 43 6f 6d 70 6f 6e 65 6e 74 28 62 5b 31 5d 29 7d 3b 5f 2e 72 49 62 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 69 66 28 61 2e 64 65 74 61 69 6c 73 29 7b 69 66 28 61 2e 64 65 74 61 69 6c 73 2e 73 3d 3d 3d 34 32 39 29 7b 76 61 72 20 62 3d 61 2e 64 65 74 61 69 6c 73 2e 72 75 72 6c 3b 69 66 28 28 30 2c 5f 2e 6f 62 61 29 28 62 29 26 26 62 2e 69 6e 64 65 78 4f 66 28 22 2f 73 6f 72 72 79 2f 69 6e 64 65 78 3f 22 29 3e 2d 31 29 72 65 74 75 72 6e 20 62 7d 69 66 28 61 2e 64 65 74 61 69 6c 73 2e 65 29 72 65 74 75 72 6e 20 5f 2e 72 49 62 28 61 2e 64 65 74 61 69 6c 73 2e 65 29 7d 7d 3b 0a 5f 2e 74 49 62 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 73 49 62 2b 2b 3b 73 49 62 3d 3d 3d 31 26 26 5f 2e 67 70 61 28 22 64 Data Ascii: b;}return decodeURIComponent(b[1])};_.rIb=function(a){if(a.details){if(a.details.s===429){var b=a.details.rurl;if((0,_.oba)(b)&&b.indexOf("/sorry/index?")>-1)return b}if(a.details.e)return _.rIb(a.details.e)}};_.tIb=function(a,b){sIb++;sIb===1&&_.gpa("d

Timestamp	Bytes transferred	Direction	Data
2025-01-07 17:01:47 UTC	1557	OUT	POST /gen_204?s=webhp&t=aft&atyp=csi&ei=-F19Z6PLDqaV9u8Pra276A8&rt=wsrt.4402,aft.1053,afti.1053,cbt.91,hst.49,prt.1044&imn=11&ima=2&imad=0&imac=0&wh=907&aftie=NF&aft=1&aftp=907&opi=89978449&dt=&ts=208198 HTTP/1.1 Host: www.google.com Connection: keep-alive Content-Length: 0 sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-arch: "x86" sec-ch-ua-full-version: "117.0.5938.132" Content-Type: text/plain;charset=UTF-8 sec-ch-ua-platform-version: "10.0.0" sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132" sec-ch-ua-bitness: "64" sec-ch-ua-model: "" sec-ch-prefers-color-scheme: light sec-ch-ua-wow64: ?0 sec-ch-ua-platform: "Windows" Accept: / Origin: https://www.google.com X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiUocsBCJz+zAEIhaDNAQjcvc0BCJDKzQEIucrNAQii0c0BCIrTzQEIntbNAQin2M0BCPnA1BUY9snNARi60s0BGOuNpRc= Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: empty Referer: https://www.google.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: AEC=AZ6Zc-V3NDzY5GD-odoGC5HMfGXBe0BBilPReFewzLkpj5KY7t6I9Lcw0w; NID=520=dR0wKL5p6kLfAaRxqSJg0ZivkU7sgFycU7YRbaVrEsU6oGOCya0-3V2yRIiDcMcv2cVU78_-N-VbE8w_k4-eXmeIFKXUFsBQw70fjY4zx8waVpper0QPRWWXBV0SK9TRPbs-ftc-aeTmAb1QP-nr1-IcN30Mbz6z0UF1g49fa08RmFbe6GRQn7k9ZEYDpUPtq4NN8FsC
2025-01-07 17:01:47 UTC	715	IN	HTTP/1.1 204 No Content Content-Type: text/html; charset=UTF-8 Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-83ZKeKAQMuAsjiFmpv00RA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws" Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]} Permissions-Policy: unload=() Date: Tue, 07 Jan 2025 17:01:47 GMT Server: gws Content-Length: 0 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close